action #178732
Updated by tjyrinki_suse 2 months ago
As a continuation to ticket #167683, Security Certifications team has implicated that the earlier quoted status in that ticket was incorrect, and we do no need also openSSL 1.1 FIPS testing in 15-SP6 as well (but not 15-SP7). It was originally not done because BCI is one of the products that does have libssl1.1 binaries but not the CLI binary openssl1.1 package. The other similar products SLED and RT (that do not have access to SLE Legacy module), have implemented a workaround, that should be recreated in BCI's Python tests as well. ## Acceptance Criteria 1. Add similar workaround to BCI that is being done at https://github.com/os-autoinst/os-autoinst-distri-opensuse/blob/master/lib/security/openssl_misc_utils.pm#L64 for SLED and SLE RT. 1. Execute the same openSSL tests twice - once by using 'openssl' binary (in 15-SP6, that is openSSL 3) and 'openssl1.1' binary. 1. Do not break the other versiosn - this dual execution should only be done on 15-SP6, other versions just use what is the default. ## Further Information Dennis Knorr can answer questions.