11.14.4. Enable FIPS 140-2 Cryptography in Apache HTTP Server
You can enable FIPS 140-2 cryptography in Apache HTTP server by inserting
SSLFIPS on
directive to Apache HTTP server configuration file: httpd.conf
or ssl.conf
. This directive must be used outside a VirtualHost
configuration section.
The
SSLFIPS on
directive activates the SSL library FIPS_mode flag. This mode applies to all SSL library operations. After adding this directive, you need to restart Apache HTTP server for the changes to become active.
Note
To enable FIPS you must have a FIPS capable OpenSSL (which supports the
FIPS_mode
flag) installed on your system.