Enabling FIPS 140-2 Compliance Mode for Runtime Fabric

You can configure Runtime Fabric to run application containers in FIPS 140-2 compliance mode.

These instructions assume that you are familiar with FIPS 140-2, the US government security standard that requires that compliant parties use only cryptographic algorithms and techniques that have been certified by NIST.

Enable FIPS 140-2 Compliance Mode

  1. Using kubectl, patch the custom-properties secret in the rtf namespace by setting the FIPS_ENABLED key to true:

    # kubectl patch secret custom-properties -n rtf -p='{"stringData":{"FIPS_ENABLED": "true"}}'

    After making this change, when you deploy new applications or restart existing applications, their containers run in FIPS 140-2 compliance mode.

  2. To verify an application is running in FIPS 140-2 compliance mode, review the application’s startup log:

    # kubectl logs <app-pod-name> -n <env-id> -c app -f | grep -i fips
    Running in FIPS mode
    * Security model: fips140-2                                          *
    *  - = fips140-2
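
The check in step 2, extended to every pod in an environment namespace so that applications started before the patch are easy to spot. This is an added example, not MuleSoft's own tooling; it assumes the `app` container name and the `Running in FIPS mode` log line shown above, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: FIPS audit for one Runtime Fabric environment namespace.
# Assumptions: container name "app" and the "Running in FIPS mode" log line
# shown in step 2; function names are hypothetical.

# Succeeds only if rtf/custom-properties stores FIPS_ENABLED=true.
fips_secret_enabled() {
  local value
  # stringData is persisted base64-encoded under .data
  value=$(kubectl get secret custom-properties -n rtf \
    -o jsonpath='{.data.FIPS_ENABLED}' | base64 -d 2>/dev/null) || return 1
  [ "$value" = "true" ]
}

# Prints each pod in namespace $1 whose app log lacks the FIPS startup line.
pods_not_in_fips_mode() {
  local ns="$1" pod
  for pod in $(kubectl get pods -n "$ns" -o jsonpath='{.items[*].metadata.name}'); do
    # No -f: follow mode never exits and would hang the loop.
    if ! kubectl logs "$pod" -n "$ns" -c app 2>/dev/null |
        grep -qi 'Running in FIPS mode'; then
      echo "$pod"
    fi
  done
}

# Exit status: 0 all pods in FIPS mode, 1 some pods are not, 2 key not set.
audit_fips() {
  local ns="$1" stale
  if ! fips_secret_enabled; then
    echo "FIPS_ENABLED is not true in rtf/custom-properties" >&2
    return 2
  fi
  stale=$(pods_not_in_fips_mode "$ns")
  if [ -n "$stale" ]; then
    # Pods started before the patch keep running without FIPS mode.
    printf 'Restart needed to pick up FIPS mode:\n%s\n' "$stale"
    return 1
  fi
  echo "All app pods in $ns report FIPS mode"
}

# Run the audit only when a namespace argument is supplied.
if [ -n "${1:-}" ]; then audit_fips "$1"; fi
```

A pod whose startup lines have already rotated out of the container log is also listed, so confirm against the pod's start time before restarting it.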