Cent OS 6.x FIPS Validation/Compliant

srikchak · Post by **srikchak** » 2014/04/08 12:06:46

Hi,

Is the OpenSSL coming with the Cent OS 6.x (6.4/6.5) has already bundled with the fips module and when enabled can operate/work in the FIPS Mode. By Using the Open SSL coming with the CentOS can we go for the FIPS validation of our application.

Or is it mandatory to rebuild the OpenSSL with FIPS module and update it inorder to make it FIPS Compliant as Cent OS is not validated for FIPS Compliant.

Appreciate your help on this.

Thansk,
Srikanth

Post by **TrevorH** » 2014/04/08 12:37:45

CentOS rebuild what RH supply with the same options. If it works on RHEL then it should also work on CentOS.

hmoviat · Post by **hmoviat** » 2014/04/08 13:24:46

Trevor, you write: "If you have 1.0.1e-16.el6_5.7 or higher then you have the official fixed version.". I have this version. When I check via http://filippo.io/Heartbleed/ it still says that I have a problem. Any ideas?

srikchak · Post by **srikchak** » 2014/04/08 13:44:02

Thanks TrevorH. As RH is FIPS certified (http://www.redhat.com/about/news/press- ... ifications) and Cent OS is built on RH can we go for FIPS 140-2 validation/certification of our application which runs on the Cent OS (OPENSSL) by turningon on to run in FIPS Mode of operation, or does it require that the OS as well requires the certification.

Thanks,
Srikanth

Post by **TrevorH** » 2014/04/08 17:24:27

The functionality is one thing, the certification is something completely different and I have no idea what is involved.

CentOS

Cent OS 6.x FIPS Validation/Compliant

Cent OS 6.x FIPS Validation/Compliant

Re: Cent OS 6.x FIPS Validation/Compliant

Re: Cent OS 6.x FIPS Validation/Compliant

Re: Cent OS 6.x FIPS Validation/Compliant

Re: Cent OS 6.x FIPS Validation/Compliant