Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [fips-140-2]

A Federal Information Processing Standard (FIPS) is a publicly announced standardization developed by the United States federal government for use in computer systems by all non-military government agencies and by government contractors, when properly invoked and tailored on a contract.

A Federal Information Processing Standard (FIPS) is a publicly announced standardization developed by the United States federal government for use in computer systems by all non-military government agencies and by government contractors, when properly invoked and tailored on a contract.

(source: Wikipedia)

23 questions
5
votes
2 answers

SSL/TLS Cipher Priority

I am working on trying to make sense of what is required for both PCI DSS compliance as well as FIPS compliance in relation to SSL/TLS cipher suites. I have been reading the guide here and here. However, I have not been able to find anything that…
John
  • 2,276
  • 7
  • 44
  • 60
4
votes
1 answer

FIPS "single-user mode" requirement in Microsoft Windows

In many FIPS 140-2 certificates, Windows must be placed into FIPS 140 mode as well as run in "single user mode". I am familiar with the local/group policy objects to enable FIPS mode. However, "single user mode" is almost always written in…
logicalscope
  • 143
  • 5
3
votes
3 answers

Configuring IIS 7.5 to be FIPS 140.2 compliant

I need to configure IIS 7.5 (Server 2008 R2) to be FIPS 140.2 compliant. Specifically, this involves disabling all SSL protocols other than TLS 1.0. I have set the following registry…
tomfanning
  • 3,378
  • 7
  • 34
  • 34
2
votes
1 answer

Test FIPS Enabled

I'm trying to test to see if FIPS-140-2 is correctly enabled with Windows Server 2016. Is there a Powershell command I could run to check if the feature is properly enabled, and not just set in the registry/group policy? I don't want to check for…
HyTC
  • 23
  • 1
  • 4
2
votes
1 answer

Bitlocker data drive opens as read only -

I have a virtualized Windows Server 2012R2 running on ESXi 6.0 There are 2 virtual disks in this system, an unencrypted C drive for the OS and a Bitlocker encrypted D drive for data sharing. Bitlocker unlock method is via a password. When the drive…
user323936
  • 29
  • 1
  • 2
2
votes
1 answer

How can I get Mac RDC client to connect to W2K3 after enabling FIPS support?

Recently we enabled FIPS 140-2 Encryption Algorithms on our W2K3 server per http://chadamberg.com/drupal/IISCryptography and now my Mac RDP 2.1.1 client won't connect. I get: "Remote Desktop Connection cannot verify the identity of the computer to…
William Jens
  • 191
  • 9
2
votes
0 answers

Is it possible to enable FIPS on Debian 8?

Is it possible to enable FIPS on Debian 8? After googling extensively I could not any reference on how to enable FIPS in Debian 8, which leads me to believe it is not possible.
nfryas
  • 21
  • 1
1
vote
1 answer

Run FreeRADIUS on FIPS enabled Redhat server?

I'm attempting to install a FreeRADIUS server on a RHEL 6.9 VM. This VM is operating in FIPS mode. I'm running into the problem described in a Red Hat bug report found here. According to that bug report from March of 2015 the RADIUS protocol…
dutsnekcirf
  • 249
  • 2
  • 4
  • 16
1
vote
0 answers

Resolving FIPS Compliance Issues with Oracle 11g

Problem I am working with Oracle DB 11g (11.2.0.4.0 - 64bit), Jenkins, Windows PowerShell plugin, and VsTestRunner plugin to automate running unit tests. While setting this up I stumbled upon a huge problem running vstest.console.exe in which I…
Brandon
  • 111
  • 1
1
vote
1 answer

After enabling fips sudo stops working

On a rhel6 system I enabled fips using this guide: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Federal_Standards_And_Regulations-Federal_Information_Processing_Standard.html After…
aseq
  • 4,610
  • 1
  • 24
  • 48
1
vote
1 answer

Can I configure Wndows NDES server to use Triple DES (3DES) algorithm for PKCS#7 answer encryption?

I am running SCEP client to enroll certificates on NDES server. If OpenSSL is not in FIPS mode - everything works fine. In FIPS mode i get the following error: pkcs7_unwrap():pkcs7.c:708] error decrypting inner…
O.Shevchenko
  • 31
  • 1
  • 5
1
vote
2 answers

Hardware Security Module (HSM)

Looking to purchase an HSM to manage private keys, and price/scalability-price is one of my main concerns. It does need to be FIPS 140-2, level 3 certified (or compliant at least) and it must be rackmountable. I have been looking at the Utimaco…
ActiveX
  • 27
  • 2
1
vote
0 answers

Problems with FIPS Mode in Adobe Acrobat Pro 2020 and Adobe Reader DC

Security requirements are such that we need to set this key depending on software: HKCU\Software\Adobe\Adobe Acrobat\2020\AVGeneral\bFIPSMode (DWORD = 1) KHCU\Software\Adobe\Acrobat Reader\DC\AVGeneral\bFIPSMode (DWORD = 1) This was done…
The ITea Guy
  • 321
  • 1
  • 6
  • 16
0
votes
2 answers

Group Policy Preferences item-level targeting propagation

I'm using GPPs to deliver some registry values and grabbed these using the Registry Wizard tool. This has created a collection with folder structure underneath. I want to use Item-level targeting to apply these so assigned this at the top collection…
jshizzle
  • 351
  • 11
  • 29
0
votes
1 answer

FIPS 140-2 on Windows 2012R2 with SQL 2014

I'm attempting to set my Microsoft SQL 2014 instance to use FIPS 140-2 complaint encryption as described in this KB article for SQL 2012, but it does not appear to be working. I do not see "FIPS" anywhere in the SQL service error logs. I set the…
BrianCanFixIT
  • 43
  • 1
  • 1
  • 10
1
2