Solved

FIPS 140-2 Compliant Encryption

Posted on 2010-11-23
2
1,459 Views
Last Modified: 2012-05-10
Hello,

I am wondering if SSL/TLS is a FIPS 140-2 Compliant Encryption. If so, can you please point me to an authoritative source?

Thank you,
Joseph Irvine
0
Comment
Question by:jkeagle13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Expert Comment

by:Tolomir
ID: 34199978
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 34205497
it depends on what you mean by compliant.

the openssl libraries are fully *certified*, when run in FIPS mode (this restricts you to just the FIPS approved algos). Any SSL link is FIPS *compliant* if the webserver (not client!) is set to operate only using FIPS approved algos - but will not be certified.

apache would be FIPS *certified* only if the openssl library it links to is compiled to FIPS mode (not the default). IIS, similarly, is *certified* if it uses the FIPS compatable libraries (available by default from windows 2003 onwards) AND the system is set to FIPS compliant mode in group policy.  There is no setting that will make IIS compliant but not certified, as one implies the other in windows.
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question