InterSystems IRIS Data Platform 2019.2

FIPS 140–2 Compliance for Database Encryption
InterSystems: The power behind what matters   

On specific platforms, InterSystems IRIS™ supports FIPS 140–2 compliant cryptography for database encryption. (FIPS 140–2 refers to Federal Information Processing Standard Publication 140-2, which is available at )
Supported Platforms
InterSystems IRIS supports FIPS 140-2–compliant cryptography for database encryption on Red Hat Enterprise Linux for x86-64. For each supported version, Red Hat has a certificate of validation for the OpenSSL and libraries; this certificate is available at the site listed below.
Red Hat 7.1, 7.2, and 7.3
Red Hat 7.4 and later
For information about Red Hat support for government standards, see
Enabling FIPS Support
To enable InterSystems IRIS support for FIPS 140–2 compliant cryptography for database encryption, do the following:
  1. Download and install the openssl package from the RedHat repository (rhel-6-server-rpms or rhel-7-server-rpms, depending on which version of Red Hat Enterprise Linux for x86-64 you are using).
  2. Enable FIPS mode for the operating system. For information, see one of the following:
    Be sure to reboot and to check that FIPS mode is enabled.
  3. Check the directory /usr/lib64 for the following symbolic links. If these do not exist, create them:
  4. In InterSystems IRIS, specify the FIPSMode CPF parameter as True (1). To do so:
    1. Open the Management Portal.
    2. Select System Administration > Configuration > Additional Settings > Startup.
      Here you will see a row for FIPSMode.
    3. Specify the value for FIPSMode as True and save your change.
  5. Restart InterSystems IRIS.
  6. Enable and configure encrypted databases as outlined in “Using Encrypted Databases” in the chapter “Managed Key Encryption” in Security Administration Guide.
Startup Behavior and messages.log
When InterSystems IRIS is started:

Send us comments on this page
View this article as PDF   |  Download all PDFs
Copyright © 1997-2019 InterSystems Corporation, Cambridge, MA
Content Date/Time: 2019-10-14 06:33:38