FIPS Status Check (original) (raw)

NGINX ONE

• NGINX One Console

• NGINX Plus

• NGINX Instance Manager

• NGINX Ingress Controller

• NGINX Gateway Fabric

• NGINX Open Source

• Subscription Licensing & Solutions

• NGINX Agent

• Admin Guide

  • Installing NGINX and NGINX Plus
    * Installing NGINX Plus
    * Installing NGINX Open Source
    * Installing NGINX Plus AMIs on Amazon EC2
    * Install NGINX Plus on the Google Cloud Platform
    * Installing NGINX Plus on Microsoft Azure
    * Deploying NGINX and NGINX Plus with Docker
  • Basic Functionality
    * Control NGINX Processes at Runtime
    * Create NGINX Plus and NGINX Configuration Files
  • Load Balancer
    * HTTP Load Balancing
    * TCP and UDP Load Balancing
    * HTTP Health Checks
    * TCP Health Checks
    * UDP Health Checks
    * gRPC Health Checks
    * Dynamic Configuration of Upstreams with the NGINX Plus API
    * Accepting the PROXY Protocol
  • Content Cache
    * NGINX Content Caching
  • Web Server
    * Configuring NGINX and NGINX Plus as a Web Server
    * Serve Static Content
    * NGINX Reverse Proxy
    * Compression and Decompression
    * Using NGINX and NGINX Plus as an Application Gateway with uWSGI and Django
  • Security Controls
    * NGINX SSL Termination
    * SSL Termination for TCP Upstream Servers
    * Restricting Access with HTTP Basic Authentication
    * Authentication Based on Subrequest Result
    * Setting up JWT Authentication
    * Single Sign-On with OpenID Connect and Identity Providers
    * Limiting Access to Proxied HTTP Resources
    * Restricting Access to Proxied TCP Resources
    * Restricting Access by Geographical Location
    * Securing HTTP Traffic to Upstream Servers
    * Securing TCP Traffic to Upstream Servers
    * Dynamic Denylisting of IP Addresses
  • Monitoring
    * Live Activity Monitoring
    * Configuring Logging
    * Debugging NGINX
    * NGINX Diagnostic Package
    * Monitoring NGINX and NGINX Plus with the New Relic Plug-In
  • High Availability
    * High Availability Support for NGINX Plus in On-Premises Deployments
    * Configuring Active-Active High Availability and Additional Passive Nodes with keepalived
    * Synchronizing NGINX Configuration in a Cluster
    * Runtime State Sharing in a Cluster
    * How NGINX Plus Performs Zone Synchronization
  • Dynamic Modules
    * Dynamic Modules
    * Brotli
    * Cookie-Flag
    * Encrypted-Session
    * FIPS Status Check
    * Installation
    * Configuration
    * More Info
    * GeoIP
    * GeoIP2
    * Headers-More
    * HTTP Substitutions Filter
    * Image-Filter
    * Lua
    * NGINX Developer Kit
    * NGINX ModSecurity WAF
    * njs Scripting Language
    * OpenTelemetry
    * OpenTracing
    * Perl
    * Phusion Passenger Open Source
    * Prometheus-njs
    * RTMP
    * Set-Misc
    * SPNEGO
    * Uninstalling a dynamic module
    * XSLT
  • Mail Proxy
    * Configure NGINX as a Mail Proxy Server

• Deployment Guides

  • Amazon Web Services
    * Active-Active HA for NGINX Plus on AWS Using AWS Network Load Balancer
    * Active-Passive HA for NGINX Plus on AWS Using Elastic IP Addresses
    * Using NGINX or NGINX Plus as the Ingress Controller for Amazon Elastic Kubernetes Services
    * Create Amazon EC2 Instances for NGINX Open Source and NGINX Plus
  • Global Server Load Balancing
    * Global Server Load Balancing with NS1 and NGINX Plus
  • Google Cloud Platform
    * All-Active HA for NGINX Plus on the Google Cloud Platform
  • Load Balancing Third-Party Servers
    * Load Balancing Apache Tomcat Servers with NGINX Open Source and NGINX Plus
    * Load Balancing Microsoft Exchange Servers with NGINX Plus
    * Load Balancing Node.js Application Servers with NGINX Open Source and NGINX Plus
    * Load Balancing Oracle E-Business Suite with NGINX Plus
    * Load Balancing Oracle WebLogic Server with NGINX Open Source and NGINX Plus
    * Load Balancing Wildfly and JBoss Application Servers with NGINX Open Source and NGINX Plus
  • Microsoft Azure
    * Active-Active HA for NGINX Plus on Microsoft Azure Using the Azure Standard Load Balancer
    * Creating Microsoft Azure Virtual Machines for NGINX Open Source and F5 NGINX Plus
  • Migrate Hardware ADCs
    * Migrating Load Balancer Configuration from Citrix ADC to NGINX Plus
    * Migrating Load Balancer Configuration from F5 BIG-IP LTM to F5 NGINX Plus
  • Set Up Single Sign-On for Proxied Applications
    * Single Sign-On With Auth0
    * Single Sign-On with Amazon Cognito
    * Single Sign-On with Microsoft Active Directory FS
    * Single Sign-On with Microsoft Entra ID
    * Single Sign-On with Keycloak
    * Single Sign-On with OneLogin
    * Single Sign-On with Okta
    * Single Sign-On with Ping Identity
    * Legacy njs-based Single Sign-On Solutions
    * Single Sign-On with Amazon Cognito and njs
    * Single Sign-On With Auth0 and njs
    * Single Sign-On with Keycloak and njs
    * Single Sign-On with Microsoft AD FS and njs
    * Single Sign-On with Okta and njs
    * Single Sign-On with OneLogin and njs
    * Single Sign-On with Ping Identity and njs
  • Setting up an NGINX demo environment

• Releases

• Technical Specs

• Open Source Components

• NGINX Plus FIPS Compliance

• NGINX Directives Index

1. Home
2. F5 NGINX Plus
3. Admin Guide
4. Dynamic Modules FIPS Status Check

For F5 NGINX Plus, the cryptographic boundary includes all functionality that is implemented by the http_ssl, http_v2, stream_ssl, and mail_ssl modules. These modules implement SSL and TLS operations for inbound and outbound connections which use HTTP, HTTP/2, TCP, and mail protocols.

1. Check the Technical Specifications page to verify that the module is supported by your operating system.
2. Install the FIPS module package nginx-plus-module-fips-check.
   For Amazon Linux 2, CentOS, Oracle Linux, and RHEL:
   shell

sudo yum update && \  
sudo yum install nginx-plus-module-fips-check  

sudo yum update && \  
sudo yum install nginx-plus-module-fips-check  

for Amazon Linux 2023, AlmaLinux, Rocky Linux:
shell

sudo dnf update && \  
sudo dnf install nginx-plus-module-fips-check  

sudo dnf update && \  
sudo dnf install nginx-plus-module-fips-check  

For Debian and Ubuntu:
shell

sudo apt update && \  
sudo apt install nginx-plus-module-fips-check  

sudo apt update && \  
sudo apt install nginx-plus-module-fips-check  

For SLES:
shell

sudo zypper refresh && \  
sudo zypper install nginx-plus-module-fips-check  

sudo zypper refresh && \  
sudo zypper install nginx-plus-module-fips-check  

For Alpine:

apk add nginx-plus-module-fips-check  

apk add nginx-plus-module-fips-check  

For FreeBSD:
shell

sudo pkg update && \  
sudo pkg install nginx-plus-module-fips-check  

sudo pkg update && \  
sudo pkg install nginx-plus-module-fips-check  

After installation you will need to enable and configure the module in NGINX Plus configuration file nginx.conf.

1. Enable dynamic loading of the module with the load_module directive specified in the top-level (“main”) context:
   nginx

load_module modules/ngx_fips_check_module.so;  
http {  
    # ...  
}  

load_module modules/ngx_fips_check_module.so;  
http {  
    # ...  
}  

1. Perform additional configuration as required by the module.
2. Test the NGINX Plus configuration. In a terminal, type-in the command:
   Expected output of the command:
   shell

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok  
nginx: configuration file /etc/nginx/nginx.conf is successful  

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok  
nginx: configuration file /etc/nginx/nginx.conf is successful  

1. Reload the NGINX Plus configuration to enable the module:

• FIPS Compliance for NGINX Plus
• NGINX FIPS Status Check Module Reference
• NGINX Dynamic Modules
• NGINX Plus Technical Specifications
• Uninstalling a Dynamic Module