[DOCS-2035] Document SSL FIPS mode usage Created: 05/Oct/13  Updated: 16/Mar/15  Resolved: 16/Jul/14

Status: Closed
Project: Documentation
Component/s: manual
Affects Version/s: None
Fix Version/s: v1.3.8, mongodb-2.6

Type: Task Priority: Major - P3
Reporter: Eric Milkie Assignee: Tim Slavin
Resolution: Done Votes: 0
Labels: sprint-rollover
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
related to DOCS-2173 Fix links on "about" site for editing... Closed
related to DOCS-2349 document openssl version requirement ... Closed
is related to DOCS-3850 Add FIPS 140-2 Server Log Message to ... Closed
is related to SERVER-8459 Option to enable FIPS mode Closed
is related to SERVER-9118 Enterprise builds with FIPS switch fe... Closed
is related to SERVER-7648 Support Use of FIPS 140-2 Compliant C... Closed
Participants:
Days since reply: 9 years, 28 weeks, 6 days ago

 Comments   
Comment by Githook User [ 31/Jul/14 ]

Author:

{u'username': u'kay-kim', u'name': u'kay', u'email': u'kay.kim@10gen.com'}

Message: DOCS-2035 add to htaccess and toc
Branch: master
https://github.com/mongodb/docs/commit/486817e730b3d21af6c9a82b4f2f157830f08ed0

Comment by Githook User [ 31/Jul/14 ]

Author:

{u'username': u'TimSlavinMongoDB', u'name': u'Tim Slavin (MongoDB)', u'email': u'tim.slavin@10gen.com'}

Message: DOCS-2035: Document SSL FIPS mode usage

Signed-off-by: kay <kay.kim@10gen.com>
Branch: master
https://github.com/mongodb/docs/commit/f3dc16246e39df001093f0d05fee4868e645a1bc

Comment by Githook User [ 31/Jul/14 ]

Author:

{u'username': u'TimSlavinMongoDB', u'name': u'Tim Slavin (MongoDB)', u'email': u'tim.slavin@10gen.com'}

Message: DOCS-2035: Document SSL FIPS mode usage

Signed-off-by: kay <kay.kim@10gen.com>
Branch: master
https://github.com/mongodb/docs/commit/8992c36532f08af467fc1746ba34d920ff64d1cd

Comment by James Kerr [ 18/Oct/13 ]

From milkie:
The Red Hat official documentation has a section on FIPS and this is what I used as a crib (link follows at the end of this email). Although I don't believe it is necessary to put the entire server into FIPS mode for the mongod flag to work, I imagine that anyone requiring FIPS on Red Hat is already familiar with the security guide and has already placed the server into FIPS mode, including disabling prelinking. Note that this is for Red Hat 6, which underwent a significant amount of refactoring for FIPS certification. As far as I know, Red Hat 5 has much more rudimentary support for FIPS. As long as you have the proper OpenSSL packages installed, mongod in FIPS mode ought to work. We have this working on our RHEL 5.7 instances that we use to build mongodb.
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Federal_Standards_And_Regulations-Federal_Information_Processing_Standard.html

Comment by Jeffrey Yemin [ 18/Oct/13 ]

Probably best to just link to http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/FIPS.html. I don't think we should repeat it in our own documentation.

Comment by James Kerr [ 18/Oct/13 ]

jeff.yemin can you comment on documenting how to run the java driver in SSL FIPS mode?

Generated at Thu Feb 08 07:42:30 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.