Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

FIPS 140-2 Compliant Encryption

Posted on 2010-11-23
2
Medium Priority
?
1,466 Views
Last Modified: 2012-05-10
Hello,

I am wondering if SSL/TLS is a FIPS 140-2 Compliant Encryption. If so, can you please point me to an authoritative source?

Thank you,
Joseph Irvine
0
Comment
Question by:jkeagle13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 27

Expert Comment

by:Tolomir
ID: 34199978
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 2000 total points
ID: 34205497
it depends on what you mean by compliant.

the openssl libraries are fully *certified*, when run in FIPS mode (this restricts you to just the FIPS approved algos). Any SSL link is FIPS *compliant* if the webserver (not client!) is set to operate only using FIPS approved algos - but will not be certified.

apache would be FIPS *certified* only if the openssl library it links to is compiled to FIPS mode (not the default). IIS, similarly, is *certified* if it uses the FIPS compatable libraries (available by default from windows 2003 onwards) AND the system is set to FIPS compliant mode in group policy.  There is no setting that will make IIS compliant but not certified, as one implies the other in windows.
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question