Manualshelf

OpenSSL A.00.09.08za.001, A.00.09.08za.002, and A.00.09.08za.003 Release Notes (762808-002, June 2014)

ManualsBrandsHP ManualsSoftwareHP-UX OpenSSL Software
20212223242526272829
Example 4 When an old version of OpenSSL from Internet Express is installed on the system
# what /usr/bin/openssl
OpenSSL A.02.00-0.9.7c
Example 5 If you are running OpenSSL A.00.09.08za.003 on HP-UX 11i v3
# what /usr/bin/openssl
/usr/bin/openssl:
$OpenSSL A.00.09.08za.003, Zlib: v1.2.3 $
$OpenSSL A.00.09.08za.003, Zlib: v1.2.3 $
$OpenSSL A.00.09.08za.003, Zlib: v1.2.3 $
Example 6 When OpenSSL A.00.09.07m.d02 is installed on an HP-UX 11i v2 operating
system
# what /usr/bin/openssl
/usr/bin/openssl:
$OpenSSL A.00.09.07m.d02, Zlib: v1.2.3 $
$OpenSSL A.00.09.07m.d02, Zlib: v1.2.3 $
$OpenSSL A.00.09.07m.d02, Zlib: v1.2.3 $
Example 7 You do not have an HP-UX depot installed but have downloaded the source code
and built the product yourself
# what /usr/bin/openssl
The output of the what command depends on what you defined for the $what string in the
source code before you built the product.
2.19 A lot of information is available for OpenSSL-enabler products, such as Stunnel. How is the
procedure for installation in Stunnel different from the OpenSSL A.00.09.07m or
A.00.09.08za installation?
Consider a client-server application sending and receiving unencrypted data over the
network. You now want to achieve a higher level of security for your application. The
following methods describe how to use OpenSSL technology to encrypt client/server
communication:
You can modify client and server code using OpenSSL functions. This method gives
you the highest degree of flexibility and control regarding the features and how you
implement them.
You can set up a Stunnel-based environment in which data from the client application
is sent to a Stunnel client instead of to the server. The Stunnel client encrypts the data
using OpenSSL technology and sends encrypted data to the Stunnel server. The Stunnel
server decrypts the data and sends the original data to the target server application.
The same process is followed when data is sent from the server to the client application.
This approach enables you to secure your client-server application without changing
the source code, but limits you to the features offered by the Stunnel environment.
These are the two distinct choices available to a user application environment that
wants to SSL-encrypt its client-server communication. Both choices are valid. Direct use
of the OpenSSL library clearly provides more options.
2.20 What is the FIPS relationship to the OpenSSL API?
The FIPS object module is designed for use with the OpenSSL API. Applications linked with
the FIPS object module and with the separate OpenSSL libraries can use both the
FIPS-validated cryptographic functions of the FIPS object module and the high level functions
of OpenSSL.
27