Here's a question that I have3n't found the answer to yet: does anyone
know the effect of enabling FIPS mode for apache? Will it break existing
websites? Does code need changing? Configuration, other than enabling it?
mark
On Wed, Sep 26, 2018 at 04:24:23PM -0400, mark wrote:> Here's a question that I have3n't found the answer to yet: does anyone > know the effect of enabling FIPS mode for apache? Will it break existing > websites? Does code need changing? Configuration, other than enabling it? > > markI don't know anything about when it is a good idea or not, however, I have been told (by a person I trust to be right) that FIPS 140-2 is obsolete, in that it requires certain features that are now known to not be your best bet for good security. Sorry, I cannot be more specific, that is all I know on the topic. -- ---- Fred Smith -- fredex at fcshome.stoneham.ma.us ----------------------------- Show me your ways, O LORD, teach me your paths; Guide me in your truth and teach me, for you are God my Savior, And my hope is in you all day long. -------------------------- Psalm 25:4-5 (NIV) --------------------------------
> Am 27.09.2018 um 00:26 schrieb Fred Smith <fredex at fcshome.stoneham.ma.us>: > > On Wed, Sep 26, 2018 at 04:24:23PM -0400, mark wrote: >> Here's a question that I have3n't found the answer to yet: does anyone >> know the effect of enabling FIPS mode for apache? Will it break existing >> websites? Does code need changing? Configuration, other than enabling it? >> >> mark > > I don't know anything about when it is a good idea or not, however, I > have been told (by a person I trust to be right) that FIPS 140-2 is > obsolete, in that it requires certain features that are now known to > not be your best bet for good security. > > Sorry, I cannot be more specific, that is all I know on the topic.If I recall it correctly; this mode can be enabled only for the whole system and not just for a single service ... -- LF