On 11/09/2017 05:52 PM, chiru r wrote: > If OpenSSL apply any patches at OS level, Is there any > changes/maintenance we need to perform at PostgreSQL end? > > On Thu, Nov 9, 2017 at 5:46 PM, Joe Conway wrote: >> Assuming you mean that you need only FIPS 140-2 compliant ciphers, you >> would want to configure the OS for system-wide FIPS compliance. See: >> >> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/chap-federal_standards_and_regulations If you enable FIPS at the OS level on a RHEL 7.x system per that link, Postgres will automatically be using SSL in fips-mode, nothing specific you need to (or actually, even can) do. Joe -- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development
Attachment:
signature.asc
Description: OpenPGP digital signature
