Menu

Implement FIPS validated cryptographic algorithms.

+1 vote

While attempting to add a database connection I received the following error:

  • Can't test connection, This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

When will dbFront be updated to be FIPS compliant.

in Features (Todo) by (7.0k points)

1 Answer

0 votes

This feature is often required by Government and other High Security sites. This issue is definitely on our radar and some preliminary work has been done.

dbFront uses secure and compliant encryption algorithms as required but dbFront also uses non-compliant hashing algorithms to manage and track configuration changes, often in an effort to avoid exposing the underlying database structure.

We need to reimplement the encryption algorithms and deal with compatability issues between dbFront versions as users upgrade.

At the moment, a quick solution is to merge the following setting into the dbFrontService.exe.config file that is located in the folder [c:\program files (x86)\dbFront\]

<configuration>
  <runtime>    
    <enforceFIPSPolicy enabled="false"/>    
  </runtime>
</configuration>

This setting will disable the .Net FIPS compliance check and allow dbFront to use its current encryption methods.

NOTE: Please vote on, or fund, this Feature Request if you need FIPS compliance.

by (64.3k points)
edited by
Welcome to the dbFront Q&A site, where you can ask questions and receive answers from other members of the community.
 | Minimalist Answer Theme by Digitizor Media
 |
Powered by Question2Answer
...