Scroll

Enable FIPS Compliant Encryption on Windows

As of version 2016.3, Exago is FIPS (Federal Information Processing Standard) 140-2 compliant. FIPS is a United States and Canadian government standard which defines a minimum set of security requirements for cryptographic systems. This standard is designed for products to secure sensitive but unclassified information.

Exago is compliant with FIPS Level 2 (140-2) which is the current active version of the standard. Before enabling FIPS, please be aware that you may lose access to certain websites which use SSL 1.0 via Internet Explorer. For more details, see the following Microsoft support articles:

Enabling FIPS

FIPS compliant encryption on Windows can be enabled using a local group policy setting or by editing a registry key.

Group Policy

Log in with an account that has administrative credentials. To open the Group Policy editor, press Start, press Run, type gpedit.msc, and press Enter.

Navigate to the following setting:

Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options

In the Details pane, double-click System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing.

Select Enabled, and press OK or Apply. Then restart your webserver.

Windows Registry

Log in with an account that has administrative credentials. To open the Registry editor, press Start, press Run, type regedit, and press Enter.

Navigate to the following key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy

Double-click on Enabled.

Enter 1 in Value data, then press OK. Then restart your webserver.


Hidden Article Information

Article Author
Exago Development
created 2016-11-22 14:35:07 UTC
updated 2017-02-21 18:50:09 UTC

Labels
registry, windows registry, data security, security, encryption, FIPS, group policy,
Have more questions? Submit a request