HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS > Chapter 1 Installation and Release Notes

Installation Requirements and Prerequisites

  Table of Contents


The following sections list hardware and disk space requirements, and software prerequisites.

Hardware Prerequisites

Disk Space Requirements

The HP SSL for OpenVMS kit requires approximately 45,000 blocks of working disk space to install. Once installed, the software occupies approximately 40,000 blocks of disk space.

Software Prerequisites

HP SSL for OpenVMS requires the following software.

Operating System

HP OpenVMS Alpha Version 7.3-2 or higher, or

HP OpenVMS Industry Standard 64 Version 8.2 or higher

TCP/IP Transport

HP TCP/IP Services for OpenVMS Version 5.6 or higher (for HP SSL on OpenVMS I64 and OpenVMS Alpha Version 8.2 or higher), or

HP TCP/IP Services for OpenVMS Version 5.5 or higher (for HP SSL on OpenVMS Alpha Version 7.3-2)

NOTE: HP SSL for OpenVMS has been tested and verified using HP TCP/IP Services for OpenVMS. On OpenVMS Alpha, there are no known problems running HP SSL for OpenVMS with other TCP/IP network products, including TCPware and MultiNet from Process Software Corporation. However, HP has not formally tested and verified these other products.

Account Quotas and System Parameters

There are no specific requirements for account quotas and system parameters for installing or using HP SSL for OpenVMS.

New Features in HP SSL Version 1.3 for OpenVMS

HP SSL Version 1.3 for OpenVMS, based on OpenSSL 0.9.7e, is included in OpenVMS Version 8.3. (The previous version of HP SSL was based on OpenSSL 0.9.7d.)

New features in HP SSL Version 1.3 include:

  • HP SSL Version 1.3 is now included in the OpenVMS operating system as a SIP (system integrated product) . SSL for OpenVMS is installed automatically when you install or upgrade to OpenVMS Version 8.3.

  • Bug Fixes in OpenSSL 0.9.7e

    • Fixed race condition when CRLs are checked in a multithreaded environment.

    • Added Delta CRL to extension code.

    • Fixed s3_pkt.c so alerts are sent properly.

    • Reduced chances of duplicate issuer name and serial numbers (in violation of RFC3280) using the OpenSSL certificate creation utilities.

    • Removed potential SSL Protocol 2.0 rollback.

      The functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING (part of SSL_OP_ALL) has been removed from 0.9.7e. This option can be used to disable the countermeasure against man-in-the-middle protocol-version rollback in the SSL Protocol 2.0 server implementation. See http://www.openssl.org/news/secadv_20051011.txt for more information.