HIFN/7955 Soekris 1401 openssl problem
Cor Bosman
cor at xs4all.nl
Sat Jul 17 00:59:47 PDT 2004
> >The problem is, nothing else seems to use it. Ive been trying with
> >sendmail/ssl and with apache/ssl. The card uses /dev/crypto, which exists,
> >and I can make openssl load the cryptodev engine. But even a command like
> >'openssl speed -engine cryptodev' doesnt use the card for any algorithm.
> >Sendmail and apache are linked with libcrypto.
>
> Only certain commands /encryption schemes will use it in openssl. eg
>
> /usr/bin/openssl enc -des3 -in big.txt -k pass -out big.txt.enc
>
> Also, for ipsec you need to use FAST_IPSEC if you want to use it for
> IPSEC stuff.
>
> You are using the base openssl right ?
I dont want to use it for IPSEC. One of my collegues is, and thats working
fine also. I want to use it for TLS/SSL acceleration in sendmail.
I linked sendmail against the base openssl (libcrypto and libssl).
When using mozilla to send a mail it negotiates the following encryption
scheme: DHE-RSA-AES256-SHA. Ive also used Kmail and outlook, which
negotiated slightly different schemes, but also didnt work.
And I forced a whole myriad of schemes, from simple to complicated, through
apache, and none of them worked.
Is there a way to get hardware acceleration for sendmail TLS/SSL?
Maybe get a different card?
Cor
More information about the freebsd-hackers
mailing list