The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL.

From EDB Postgres Advanced Server Security Technical Implementation Guide

Part of SRG-APP-000179-DB-000114

Associated with: CCI-000803

SV-83689r1_rule The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL.

Vulnerability discussion

Postgres uses OpenSSL for the underlying encryption layer. Currently only Red Hat Enterprise Linux is certified as a FIPS 140-2 distribution of OpenSSL. For other operating systems, users must obtain or build their own FIPS 140-2 OpenSSL libraries.

Check content

If the Postgres Plus Advanced Server is not installed on Red Hat Enterprise Linux (RHEL), this is a finding.

Fix text

Install Postgres Plus Advanced Server on RHEL or ensure that FIPS 140-2 certified OpenSSL libraries are used by the DBMS.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer