action #178732
Updated by tjyrinki_suse about 2 months ago
As a continuation to ticket #167683, Security Certifications team has implicated that the earlier quoted status in that ticket was incorrect, and we do no need also openSSL 1.1 FIPS testing in 15-SP6 as well (but not 15-SP7). It was originally not done because BCI is one of the products that does have libssl1.1 binaries but not the CLI binary openssl1.1 package which provides openssl-1_1 CLI tool. package. The other similar products SLED and RT (that do not have access to SLE Legacy module), have implemented a workaround, that should be recreated in BCI's Python tests as well. ## Acceptance Criteria 1. Add similar workaround to BCI that is being done at https://github.com/os-autoinst/os-autoinst-distri-opensuse/blob/master/lib/security/openssl_misc_utils.pm#L64 for SLED and SLE RT. 1. Execute the same openSSL tests twice - once by using 'openssl' CLI binary (in 15-SP6, that is openSSL 3) and 'openssl-1_1' CLI 'openssl1.1' binary. 1. Do not break the other versiosn - this dual execution should only be done on 15-SP6, other versions just use what is the default. ## Further Information Dennis Knorr can answer questions.