FIPS Status Check
For F5 NGINX Plus, the cryptographic boundary includes all functionality that is implemented by the http_ssl, http_v2, stream_ssl, and mail_ssl modules. These modules implement SSL and TLS operations for inbound and outbound connections which use HTTP, HTTP/2, TCP, and mail protocols.
-
Check the Technical Specifications page to verify that the module is supported by your operating system.
-
Install the FIPS module package
nginx-plus-module-fips-check.For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:
sudo yum update && \ sudo yum install nginx-plus-module-fips-checkfor Amazon Linux 2023, AlmaLinux, Rocky Linux:
sudo dnf update && \ sudo dnf install nginx-plus-module-fips-checkFor Debian and Ubuntu:
sudo apt update && \ sudo apt install nginx-plus-module-fips-checkFor SLES:
sudo zypper refresh && \ sudo zypper install nginx-plus-module-fips-checkFor Alpine:
apk add nginx-plus-module-fips-checkFor FreeBSD:
sudo pkg update && \ sudo pkg install nginx-plus-module-fips-check
After installation you will need to enable and configure the module in NGINX Plus configuration file nginx.conf.
-
Enable dynamic loading of the module with the
load_moduledirective specified in the top-level (“main”) context:load_module modules/ngx_fips_check_module.so; http { # ... } -
Perform additional configuration as required by the module.
-
Test the NGINX Plus configuration. In a terminal, type-in the command:
nginx -tExpected output of the command:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf is successful -
Reload the NGINX Plus configuration to enable the module:
nginx -s reload