I understand that the OpenSSL developers are working on a newer FIPS module for the OpenSSL 1.1.1 versions, but till it is released, I guess I would have to stick to OpenSSL 1.0.2. Hello, The OpenSSL project team would like to announce the forthcoming release of OpenSSL version 3.0.7. Application images are much more likely to have a version of OpenSSL installed. This means that I can either use the newer OpenSSL version and have the applications using dcmtk use TLS 1.2 without the FIPS module or have FIPS but not TLS v1.2. Most of the default package manager installs also don’t use OpenSSL 3.0.x, said Clark. To give a background context to why I want to use an older LTS version of OpenSSL to build dcmtk: the reason is the OpenSSL FIPS module, which can only be used with the 1.0.2 version of OpenSSL. Its not the secure version (recall that the secure version is 3.0.2-0ubuntu1.7). But right now there are to installations: the original and this one. My question is, if I want to write an application that uses OpenSSL version 1.0.2 and yet supports TLS version 1.2 based connections, then is there some way I can make dcmtk use the new TLS_* methods for initializing the context short of modifying the file and rebuilding dcmtk? Even if (as a last resort) I modify the check for the OpenSSL version while initialising the context so that it always uses the TLS_method/TLS_server_method/TLS_client_method, would there a negative side effect to it? Execute the Makefile, this will take some time, by: sudo make sudo make install. In dcmtls/libsrc/, the TLS context being created for OpenSSL versions lower than 1.1.0 uses SSLv23_* methods, which probably causes an application using dcmtk libraries to choose a lower version than TLS 1.2 to establish the secure connection. I have a couple of questions about the TLS standard version that dcmtk uses when the OpenSSL version being used while building dcmtk is lower than 1.1.0.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |