Go to main content

Managing Encryption and Certificates in Oracle® Solaris 11.4

Exit Print View

Updated: May 2021
 
 

OpenSSL and Oracle Solaris

    Oracle Solaris supports two implementations of OpenSSL:

  • FIPS 140-2 capable OpenSSL

  • Non-FIPS 140-2 capable OpenSSL

Both implementations are compatible with the latest OpenSSL version from the OpenSSL project. Use the openssl version command to determine the OpenSSL version that is running on your system. This version is enhanced by code that incorporates Oracle Solaris features, such as rights profiles, into the OpenSSL project version. The libraries of the FIPS 140-2 and non-FIPS 140-2 OpenSSL implementations are API/ABI compatible.

While both implementations are present in the operating system, only one implementation can be active at a time. To determine which OpenSSL implementation is active on the system, use the pkg mediator openssl command. For an example of installing the FIPS 140-2 capable OpenSSL and switching implementations, see Example of Running in FIPS 140-2 Mode on an Oracle Solaris 11.4 System in Using a FIPS 140-2 Enabled System in Oracle Solaris 11.4.