For those who need to install CONNECT in a FIPS 140-2 environment, please follow the directions for the appropriate application server. Below are links to standard FIPS enablement instructions provided by IBM, Oracle and Redhat, respectively (GlassFish 3.1.2 does not currently include FIPS instructions).
WebSphere 8.5.5.3- Configuring FIPS on WebSphere
WebLogic 12c - Weblogic with FIPS 140-2 ConfigurationJBoss 7.1.1
- How do I make JBoss 7 use FIPS 140-2 compliant cryptography; /wiki/spaces/CONNECTWIKI/pages/8585495JBoss EAP7 - Configuring FIPS 140-2 on JBoss EAP7
WildFly 8.2.1 - Configuring FIPS 140-2 on Wildfly 8.2.1
WildFly 15 - Configuring FIPS 140-2 on WildFly 15
As CONNECT's federal partners deploy CONNECT into their FIPS 140-2 environments, the CONNECT team will update this page with more complete installation instructions.
| Application Server | FIPS 140-2 on TLS 1.0 / 1.1 | FIPS 140-2 on TLS 1.2 | SP-800 | SP-800 on TLS 1.2 | SNI | SNI + FIPS 140-2 |
|---|---|---|---|---|---|---|
| WildFly 8.2 | Yes | No | No | No | with apache | Not verified |
| Wildfly 15 | Yes | No | No | No | Yes (native) | Yes |
WAS 8.5 | No | No | Yes | Yes | with apache | Not verified |
| WebLogic 12.2 | Yes | No | No | No | with apache | Not verified |
| JBoss EAP 7 | Yes | No | No | No | with apache 1 | No |
1.) Not explicitly verified - setup should remain the same for Wildfly 8.2.1