FIPS Status Check

For F5 NGINX Plus, the cryptographic boundary includes all functionality that is implemented by the http_ssl, http_v2, stream_ssl, and mail_ssl modules. These modules implement SSL and TLS operations for inbound and outbound connections which use HTTP, HTTP/2, TCP, and mail protocols.

Installation

1. Check the Technical Specifications page to verify that the module is supported by your operating system.

2. Install the FIPS module package nginx-plus-module-fips-check.

   For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:

   yum install nginx-plus-module-fips-check
   

   for Amazon Linux 2023, AlmaLinux, Rocky Linux:

   dnf install nginx-plus-module-fips-check
   

   For Debian and Ubuntu:

   apt-get install nginx-plus-module-fips-check
   

   For SLES:

   zypper install nginx-plus-module-fips-check
   

   For Alpine:

   apk add nginx-plus-module-fips-check
   

   For FreeBSD:

   pkg install nginx-plus-module-fips-check
   

Configuration

After installation you will need to enable and configure the module in NGINX Plus configuration file nginx.conf.

1. Enable dynamic loading of the module with the load_module directive specified in the top-level (“main”) context:

   load_module modules/ngx_fips_check_module.so;
   

2. Perform additional configuration as required by the module.

3. Test the configuration and reload NGINX Plus to enable the module:

   nginx -t && nginx -s reload
   

More Info

• FIPS Compliance for NGINX Plus

• NGINX FIPS Status Check Module Reference

• NGINX Dynamic Modules

• NGINX Plus Technical Specifications