Apache Web Server as a FIPS 140 Consumer - Using a FIPS 140 Enabled System in Oracle® Solaris 11.2

Using a FIPS 140 Enabled System in Oracle^® Solaris 11.2

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Using a FIPS 140 Enabled System in ... » Enabling FIPS 140 Consumers on an Oracle ... » Apache Web Server as a FIPS 140 Consumer

Updated: August 2014

Using a FIPS 140 Enabled System in Oracle^® Solaris 11.2

Document Information

Introduction to FIPS 140-2 Level 1 Cryptography in Oracle Solaris

Enabling FIPS 140 Providers on an Oracle Solaris System

Enabling FIPS 140 Consumers on an Oracle Solaris System

Apache Web Server as a FIPS 140 Consumer

Secure Shell as a FIPS 140 Consumer

IPsec and IKEv2 as FIPS 140 Consumers

Kerberos as a FIPS 140 Consumer

Key Management Framework as a FIPS 140 Consumer

passwd Command as a FIPS 140 Consumer

encrypt, decrypt, digest, and mac Commands as FIPS 140 Consumers

Example of Enabling Two Applications in FIPS 140 Mode on an Oracle Solaris System

FIPS 140 Algorithm Lists and Certificate References for Oracle Solaris Systems

Language:

Apache Web Server as a FIPS 140 Consumer

The Apache Web Server V2.2 installs as the package pkg:/web/server/apache-22. The web server uses the OpenSSL library and can use its PKCS #11 engine option, which is the Cryptographic Framework.

You can use either the Cryptographic Framework (pktool gencert command) or the OpenSSL (openssl -newkey command) to generate the web server certificate. Certificate authentication is handled through OpenSSL by the PKCS #11 engine. The engine is validated for FIPS 140.

For the configuration steps, see Example of Enabling Two Applications in FIPS 140 Mode on an Oracle Solaris System.

See also:

openssl (1openssl) man page
openssl(5) man page
How to Configure an Apache 2.2 Web Server to Use the SSL Kernel Proxy in Securing the Network in Oracle Solaris 11.2
ksslcfg(1M) man page

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices