FIPS Status Check

For F5 NGINX Plus, the cryptographic boundary includes all functionality that is implemented by the http_ssl, http_v2, stream_ssl, and mail_ssl modules. These modules implement SSL and TLS operations for inbound and outbound connections which use HTTP, HTTP/2, TCP, and mail protocols.

Installation

1. Check the Technical Specifications page to verify that the module is supported by your operating system.

2. Install the FIPS module package nginx-plus-module-fips-check.

   For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:

   Copy

   yum install nginx-plus-module-fips-check

   yum install nginx-plus-module-fips-check

   for Amazon Linux 2023, AlmaLinux, Rocky Linux:

   Copy

   dnf install nginx-plus-module-fips-check

   dnf install nginx-plus-module-fips-check

   For Debian and Ubuntu:

   Copy

   apt-get install nginx-plus-module-fips-check

   apt-get install nginx-plus-module-fips-check

   For SLES:

   Copy

   zypper install nginx-plus-module-fips-check

   zypper install nginx-plus-module-fips-check

   For Alpine:

   Copy

   apk add nginx-plus-module-fips-check

   apk add nginx-plus-module-fips-check

   For FreeBSD:

   Copy

   pkg install nginx-plus-module-fips-check

   pkg install nginx-plus-module-fips-check

Configuration

After installation you will need to enable and configure the module in NGINX Plus configuration file nginx.conf.

1. Enable dynamic loading of the module with the load_module directive specified in the top-level (“main”) context:

   Copy

   load_module modules/ngx_fips_check_module.so;

   load_module modules/ngx_fips_check_module.so;

2. Perform additional configuration as required by the module.

3. Test the configuration and reload NGINX Plus to enable the module:

   Copy

   nginx -t && nginx -s reload

   nginx -t && nginx -s reload

More Info

• FIPS Compliance for NGINX Plus

• NGINX FIPS Status Check Module Reference

• NGINX Dynamic Modules

• NGINX Plus Technical Specifications

---

---