Am 27.09.2018 um 00:26 schrieb Fred Smith fredex@fcshome.stoneham.ma.us:
On Wed, Sep 26, 2018 at 04:24:23PM -0400, mark wrote:
Here's a question that I have3n't found the answer to yet: does anyone know the effect of enabling FIPS mode for apache? Will it break existing websites? Does code need changing? Configuration, other than enabling it?
markI don't know anything about when it is a good idea or not, however, I have been told (by a person I trust to be right) that FIPS 140-2 is obsolete, in that it requires certain features that are now known to not be your best bet for good security.
Sorry, I cannot be more specific, that is all I know on the topic.
If I recall it correctly; this mode can be enabled only for the whole system and not just for a single service ...
-- LF