Re: Download of ADSFIPSModule.zip

For the generation of the self signed certficates I use the 0.9.8p-fips 16 Nov 2010 from Sybase.

At first openssl.exe was included with the ADSFIPSModule.zip

>Parag Mahadane wrote the following

This file contains only the libraries needed by ADS server.

Openssl.exe is not included. It can be downloaded from the OpenSSL website.

The current version of openssl.exe that I use is not compatible with the dlls supplied with ADSFIPSModule.zip so I still use the old version supplied by Sybase to generate the self signed certificates.

With this openssl and my .cnf I create the

• CLIENT certificate wudbuniv1-CLIENT-CERT.PEM
• SERVER public and private certificate wudbuniv1-SERVER-PUBL-PRIV-CERT.PEM

The ssleay32.dll and libeay32.dll have been copied in the path where ads.exe is installed.

I use Win7-64bit with

• Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
• Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

The certificate is placed at the root D:\

• Launch services.msc
• Click on Advantage Database Server (start manual) with the following
• starting parameters: "/TLSKeyFile D:\wudbuniv1-SERVER-PUBL-PRIV-CERT.pem /TLSKeyPassword <passphrase> /TLSCiphers AES256 /FIPS"

From the client I connect using AdsConnect101 using the following connection string

• TableType=ADT;
• ServerType=REMOTE;
• CommType=TLS;
• LockMode=PROPRIETARY;
• CharType=ANSI;
• SecurityMode=IGNORERIGHTS;
• Data Source=\\udbuniv1\drive_d\;
• TLSCertificate=D:\FIPS\wudbuniv1-CLIENT-CERT.pem;
• TLSCiphers=AES256-SHA;
• TLSCommonName=udbuniv1;
• EncryptionType=AES256;
• FIPS=1;
• TrimTrailingSpaces=FALSE;

With the previous version Advantage the above stuff all works!

Now after installing the new ADS-11.10.0.22 with the new OpenSSL dll's it does not work anymore and gives an fatal error with code 7165?

What am I missing out at?

• Are ssleay32.dll and libeay32.dll compiled with an older version of Visual C++ ?
• It would be really helpfull if OpenSSL.EXE is supplied using the same build as ssleay32.dll and libeay32.dll
• What does 7165 mean? Which is a SAP error.
• Has SAP tested the FIPS on a Win7 64-bit machine with the ssleay32.dll and libeay32.dll?

I have installed all Visual C++ version from 2005, 2008, 2010 but it makes no difference.