FIPS Status Check
For F5 NGINX Plus, the cryptographic boundary includes all functionality that is implemented by the http_ssl
, http_v2
, stream_ssl
, and mail_ssl
modules. These modules implement SSL and TLS operations for inbound and outbound connections which use HTTP, HTTP/2, TCP, and mail protocols.
Installation
-
Check the Technical Specifications page to verify that the module is supported by your operating system.
-
Install the FIPS module package
nginx-plus-module-fips-check
.For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:
sudo yum update && \ sudo yum install nginx-plus-module-fips-check
for Amazon Linux 2023, AlmaLinux, Rocky Linux:
sudo dnf update && \ sudo dnf install nginx-plus-module-fips-check
For Debian and Ubuntu:
sudo apt update && \ sudo apt install nginx-plus-module-fips-check
For SLES:
sudo zypper refresh && \ sudo zypper install nginx-plus-module-fips-check
For Alpine:
apk add nginx-plus-module-fips-check
For FreeBSD:
sudo pkg update && \ sudo pkg install nginx-plus-module-fips-check
Configuration
After installation you will need to enable and configure the module in NGINX Plus configuration file nginx.conf
.
-
Enable dynamic loading of the module with the
load_module
directive specified in the top-level (“main
”) context:load_module modules/ngx_fips_check_module.so; http { # ... }
-
Perform additional configuration as required by the module.
-
Test the NGINX Plus configuration. In a terminal, type-in the command:
nginx -t
Expected output of the command:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf is successful
-
Reload the NGINX Plus configuration to enable the module:
nginx -s reload