To remove the OpenSSL cryptographic library from Tectia Client on Windows, first disable FIPS mode, if it has been enabled, using the Configuration GUI.


If both Tectia Client and Tectia Server are installed, ensure that user-specific Connection Broker configuration(s) have FIPS mode disabled and that the system wide Tectia FIPSMODE switch file is removed. The FIPSMODE file is automatically removed when FIPS mode is disabled from the Tectia Server Configuration GUI (for more information, see Enabling FIPS 140-2 Mode).

Changing Optional Installation Modules for Tectia on Windows

To modify Tectia Client and Server optional FIPS module in Windows environment, follow the instructions below:

  1. From the Windows Start menu, open the Control Panel and click Programs and Features.

  2. In the list of installed programs, select Tectia Client and click Change.

  3. In the installer click Modify.

  4. Select Tectia Client > FIPS optional module and change it to Entire feature will be unvailable.

  5. Click Next and Install to proceed with the Modify installation that will remove the Tectia FIPS support module(s).

OpenSSL files removed from Tectia Client on Windows, when FIPS support module is uninstalled:

Note that <INSTALLDIR> indicates the default Tectia installation directory on 64-bit Windows versions: C:\Program Files (x86)\SSH Communications Security\SSH Tectia

  • <INSTALLDIR>\SSH Tectia AUX\Plugins\<x>.<y>.<z>.<b>\sshcrypto1.dll

    (<x>, <y>, <z> and <b> indicate the Tectia Client version and build numbers, for example

  • <INSTALLDIR>\SSH Tectia AUX\fips\fips.dll

  • <INSTALLDIR>\SSH Tectia AUX\fips\openssl.cnf

  • <INSTALLDIR>\SSH Tectia AUX\libcrypto-3.dll

  • <INSTALLDIR>\SSH Tectia Broker\libcrypto-3.dll

  • <INSTALLDIR>\SSH Tectia Client\libcrypto-3.dll