When Red Hat gets particular packages to pass FIPS validation with NIST, are the package versions after that also considered FIPS-validated or FIPS-certified?
There's a Red Hat knowledge article that details how to configure a RHEL5 system to be FIPS 140-2 compliant; however, it recommends using very old versions of packages. Does this mean one must use those old packages from 2010 in order to run a RHEL5 box in FIPS mode?
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.