I'm not aware of any such thing.
As it would be useful for some customers, I would imagine it would be
well-advertised (and it is not.)
You would /ideally /have a FIPS mode in ActiveMQ, which when switched on,
would call
FIPS_mode_set() so ALL encryption would be done by the FIPS Object Module.
Thanks Michael for the detailed reply!
Do you know what is the case for OpenSSL, used by ActiveMQ for secured
communication (ssl)?
Are there any ActiveMQ distribution compiled with a FIPS-complaint openSSL
version (http://www.openssl.org/docs/fips/fipsnotes.html)?
Thanks,
Amir
On Thu, Jun 21, 20
I came across this FIPS topic on introduction of Mozilla NSS in our
organisation (we have a fairly detailed procedure when new FOSS software is
introduced.)
To answer the question, ActiveMQ isn't on the published lists, so the answer
is no -a product is not compliant until it has been certified as
