FIPS 140-3 Compliance
FIPS 140-3 Compliance¶
RLC Pro provides access to FIPS 140-3 cryptographic modules for deployments that require federal compliance. FIPS (Federal Information Processing Standards) compliance is required for many government, defense, financial, and healthcare environments.
Note
FIPS 140-3 modules are available exclusively to RLC Pro subscribers.
What is FIPS 140-3?¶
FIPS 140-3 is a US and Canadian government standard that defines the security requirements for cryptographic modules used in information systems. Compliance ensures that:
- Cryptographic algorithms meet approved standards
- Key management follows validated procedures
- Random number generation uses approved methods
- Self-tests verify module integrity at startup
Available FIPS Versions¶
RLC Pro provides both Certified and Compliant FIPS configurations:
Certified¶
FIPS Certified modules have completed the NIST Cryptographic Module Validation Program (CMVP) process. Use certified modules when your compliance requirements mandate a CMVP-validated solution.
Compliant¶
FIPS Compliant modules use the same cryptographic implementations as the certified versions but may include more recent updates. Use compliant modules when you need FIPS-grade cryptography with the latest security patches.
| Version | Certified | Compliant |
|---|---|---|
| Rocky 9.2 |  |
|
| Rocky 9.6 | |
|
| Rocky 8.6 | |
|
| Rocky 8.10 | |
|
Enabling FIPS¶
FIPS requires enabling the appropriate FIPS repositories through the Depot CLI. FIPS modules are not installed on standard RLC images by default.
# Enable the FIPS repository for your version (e.g., certified 9.2)
sudo depot enable fips-9.2-certified
Note
Detailed FIPS setup instructions are coming soon. For assistance with FIPS deployments, contact CIQ Support.
FIPS and LTS¶
FIPS versions are tied to specific minor releases (e.g., 9.2, 9.6) because cryptographic module validation is performed against a specific software version. RLC Pro LTS ensures these pinned versions continue to receive security updates.
Support¶
For questions about FIPS compliance, certification documentation, or configuration assistance, contact CIQ Support or CIQ Sales.