* Where can I get a compiled version of OpenSSL?
* Why aren't tools like 'autoconf' and 'libtool' used?
* What is an 'engine' version?
+* How do I check the authenticity of the OpenSSL distribution?
[LEGAL] Legal questions
version 0.9.7 (not yet released) the changes were merged into the main
development line, so that the special release is no longer necessary.
+* How do I check the authenticity of the OpenSSL distribution?
+
+We provide MD5 digests and ASC signatures of each tarball.
+Use MD5 to check that a tarball from a mirror site is identical:
+
+ md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
+
+You can check authenticity using pgp or gpg. You need the OpenSSL team
+member public key used to sign it (download it from a key server). Then
+just do:
+
+ pgp TARBALL.asc
+
[LEGAL] =======================================================================
* Do I need patent licenses to use OpenSSL?
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski
However, be warned that /dev/random is usually a blocking device, which
may have some effects on OpenSSL.
+A third party /dev/random solution for Solaris is available at
+ http://www.cosy.sbg.ac.at/~andi/
* Why do I get an "unable to write 'random state'" error message?