As of version 2016.3, Exago is FIPS (Federal Information Processing Standard) 140-2 compliant. FIPS is a United States and Canadian government standard which defines a minimum set of security requirements for cryptographic systems. This standard is designed for products to secure sensitive but unclassified information.
Exago is compliant with FIPS Level 2 (140-2), which is the current active version of the standard. Before enabling FIPS, please be aware that you may lose access to certain websites which use SSL 1.0 via Internet Explorer. For more details, see the following Microsoft support articles:
- "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" security setting effects in Windows XP and in later versions of Windows
- PRB: Cannot visit SSL sites after you enable FIPS compliant cryptography
FIPS-compliant encryption on Windows can be enabled either through a local Group Policy setting or by editing a registry key. The steps for each method follow, Group Policy first.
Log in with an account that has administrative credentials. To open the Group Policy editor, press Start, press Run, type gpedit.msc, and press Enter.
Navigate to the following setting:
Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options
In the Details pane, double-click System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing.
Select Enabled, and press OK or Apply. Then restart your webserver.
Log in with an account that has administrative credentials. To open the Registry editor, press Start, press Run, type regedit, and press Enter.
Navigate to the following key:
Double-click on Enabled.
Enter 1 in Value data, then press OK. Then restart your webserver.
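After either method, the result can be checked from a new Windows PowerShell 5.1 session. The script below is an added example, not part of Exago's documentation or code. It assumes the standard Windows registry location for this policy (the path is not quoted from this page) and a .NET Framework runtime; the function and variable names are hypothetical.

```powershell
# Added example: confirm the FIPS policy is set and that .NET honours it.
# Assumption: this registry path is the standard Windows location for the
# policy; it is not quoted from this page.
$FipsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy'

function Get-FipsPolicyState {
    # 1. Policy as stored in the registry (missing key/value = not enabled).
    $regValue = $null
    try {
        $regValue = (Get-ItemProperty -Path $FipsKey -Name 'Enabled' -ErrorAction Stop).Enabled
    } catch {
        $regValue = $null
    }

    # 2. Policy as seen by the .NET Framework runtime in this process.
    $dotNetFips = [System.Security.Cryptography.CryptoConfig]::AllowOnlyFipsAlgorithms

    # 3. Behavioural probe: in FIPS mode .NET Framework refuses to construct
    #    MD5CryptoServiceProvider because MD5 is not a FIPS-approved algorithm.
    $md5Blocked = $false
    try {
        $md5 = New-Object System.Security.Cryptography.MD5CryptoServiceProvider -ErrorAction Stop
        $md5.Dispose()
    } catch {
        $md5Blocked = $true
    }

    [pscustomobject]@{
        RegistryEnabled = ($regValue -eq 1)
        DotNetFipsOnly  = $dotNetFips
        Md5Blocked      = $md5Blocked
        Consistent      = (($regValue -eq 1) -eq $dotNetFips) -and ($dotNetFips -eq $md5Blocked)
    }
}

$state = Get-FipsPolicyState
$state | Format-List
if (-not $state.RegistryEnabled) {
    Write-Warning 'FIPS policy is not enabled in the registry.'
} elseif (-not $state.Consistent) {
    Write-Warning 'Policy is set but this process does not enforce it; open a new session or check for an enforceFIPSPolicy override.'
}
```

A process reads the policy when it first uses the cryptography classes, which is why the web server has to be restarted before the application picks up the change.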