We are moving to Percona v6 on rhel9 from Community v5 on rhel8. This parameter is fine on community. What am I missing here?
Here is part of the percona config:
# network interfaces
net:
tls:
FIPSMode: true
port: 27017
# bindIp: 127.0.0.1
bindIp: 0.0.0.0
Error log
Unrecognized option: net.tls.FIPSMode
try '/usr/bin/mongod --help' for more information
From my community install
test> use admin
switched to db admin
admin> db.version()
5.0.14
admin> db.getSiblingDB("admin").runCommand({getCmdLineOpts: 1}).parsed.net.tls.FIPSMode
true
admin>
Thanks!
Can I get a confirmation from someone with Percona whether Percona for Mongo is FIPS compliant?
Hello @ecbtfs52
Percona Server for MongoDB is based on MongoDB community version. Unfortunately MongoDB removed net.tls.FIPSMode option from MongoDB community version 6.0 (see SERVER-57004).
We will investigate what we can do with this issue.
1 Like
Thanks for the clarification and the including the link!
Will any progress to toward having this available be posted here? Just looking for a way to track this since from a dod perspective FIPS non-compliance is a Cat 1 security finding.
Thanks
Hello,
Are there any updates in this matter?
A bug ticket or something we can follow?
Thank you
Hello @martongaja and @ecbtfs52
We are tracking this issue in [PSMDB-1281] Enable FIPS on PSMDB 6.0 - Percona JIRA
Please subscribe for notifications on that ticket.
1 Like