FIPS Status Check

Verify compliance with FIPS 140-2 security requirements for cryptographic modules.

For NGINX Plus, the cryptographic boundary includes all functionality that is implemented by the http_ssl, http_v2, stream_ssl, and mail_ssl modules. These modules implement SSL and TLS operations for inbound and outbound connections which use HTTP, HTTP/2, TCP, and mail protocols.

Installation

  1. Check the Technical Specifications page to verify that the module is supported by your operating system.

  2. Install the FIPS module package nginx-plus-module-fips-check.

    For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:

    yum install nginx-plus-module-fips-check
    

    for Amazon Linux 2023, AlmaLinux, Rocky Linux:

    dnf install nginx-plus-module-fips-check
    

    For Debian and Ubuntu:

    apt-get install nginx-plus-module-fips-check
    

    For SLES:

    zypper install nginx-plus-module-fips-check
    

    For Alpine:

    apk add nginx-plus-module-fips-check
    

    For FreeBSD:

    pkg install nginx-plus-module-fips-check
    

Configuration

After installation you will need to enable and configure the module in NGINX Plus configuration file nginx.conf.

  1. Enable dynamic loading of the module with the load_module directive specified in the top-level (“main”) context:

    load_module modules/ngx_fips_check_module.so;
    
  2. Perform additional configuration as required by the module.

  3. Test the configuration and reload NGINX Plus to enable the module:

    nginx -t && nginx -s reload
    

More Info