[Info-vax] HPE contact for access to formerly "free" OpenSSL kits?

[Stephen Hoffman]

On 2019-03-01 16:20:31 +0000, Rod Regier said:

> Any constructive suggestion(s) as to who in HPE I could contact about 
> where to access the "free" HPE OpenSSL binary kits?

My typically-longwinded and 
potentially-not-considered-to-be-constructive-because-reasons reply...

HPE has shuffled most of the OpenVMS folks elsewhere, AFAIK/AFAICT.  
VSI hired a number of them a while back, too.   HPE is exiting the 
new-patch business with OpenVMS, and in less than two years.  And VSI 
is handling a whole lot of the HPE escalation.

SSL support for OpenVMS for free?  Download and build OpenSSL from the 
sources; from OpenSSL.org.  OpenSSL does support OpenVMS builds.  
Alternatively, download kits from PolarHome.  There are other download 
options.

Details and links to most of that:  http://polarhome.com  https://openssl.org

You'll be more current than what HPE was offering with the SSL1 kit, too.

The HPE SSL1 kit has a couple of related patches, if you scrounge the 
SSL1 kit from elsewhere and try to apply it.  Patches for MANAGE and 
ENCRYPT are involved, and a few others.  The kit won't install without 
MANAGE installed. And those other patches were never available for free.

Related discussion, and this from prior to the HPE web site PDF'ing: 
https://groups.google.com/d/msg/comp.os.vms/gVx_ADEsTiU/YSNFcpGFBQAJ

Or acquire VSI licenses and upgrade to V8.4-2L1 or V8.4-2L2.  You're in 
a hole here with security and with the HPE OpenVMS exit and with the 
lack of an HPE or VSI contract, and VSI is the only medium- and 
longer-term path out of this mess if you don't want to build and 
maintain this locally, and if you're not porting.  We're headed for 
another round of updates with the release of TLSv1.3, and that'll lead 
to the deprecation of older and less-secure connections on various 
hosts, and the detection of those protocols in various audits.


-- 
Pure Personal Opinion | HoffmanLabs LLC