Hi All,
I initially posted this question in "Idea and Feature requests". Reposting it here.
I am investigating FIPS compliance for our platform. nginx is one of the components and we use nginx 1.15.1. I found the documentation about nginx plus being FIPS compliant
"When NGINX Plus is executed on an operating system where a FIPS‑validated OpenSSL cryptographic module is present and FIPS mode is enabled, NGINX Plus is compliant with FIPS 140-2 with respect to the decryption and encryption of SSL/TLS and HTTP/2 traffic." Quoting from https://docs.nginx.com/nginx/fips-compliance-nginx-plus/
Does this apply to open source nginx as well? I did not find any documentation for the open source version.
Thanks in advance.
Manoj
I initially posted this question in "Idea and Feature requests". Reposting it here.
I am investigating FIPS compliance for our platform. nginx is one of the components and we use nginx 1.15.1. I found the documentation about nginx plus being FIPS compliant
"When NGINX Plus is executed on an operating system where a FIPS‑validated OpenSSL cryptographic module is present and FIPS mode is enabled, NGINX Plus is compliant with FIPS 140-2 with respect to the decryption and encryption of SSL/TLS and HTTP/2 traffic." Quoting from https://docs.nginx.com/nginx/fips-compliance-nginx-plus/
Does this apply to open source nginx as well? I did not find any documentation for the open source version.
Thanks in advance.
Manoj
