rabbitmq-fips

Last changed

Get notified of upcoming product changes, critical vulnerability notifications and patches and more.

Versions

Overview

Using rabbitmq in FIPS mode

To use this image in FIPS mode, the rabbitmq server application needs to load an extra configuration file containing the following (in the old Rabbitmq config format):


[
    {crypto, [
        {fips_mode, true}
    ]}
].

The file is located in /etc/erlang/releases/26/sys.config in this image.

The file can be loaded by setting an environment variable that points to the file:


RABBITMQ_ADVANCED_CONFIG_FILE=/etc/erlang/releases/26/sys.config

Verifying rabbitmq is in FIPS mode

To verify if rabbitmq is running with FIPS enabled, use the following command:


/usr/lib/rabbitmq/bin/rabbitmqctl environment |grep fips

If FIPS is enabled, the result will look like the following:


 {crypto,[{fips_mode,true},{rand_cache_size,896}]},

The rabbitmqctl command also outputs JSON, which can be parsed like this:


/usr/lib/rabbitmq/bin/rabbitmqctl environment --formatter json |jq '.crypto .fips_mode'

The result will be true if FIPS is enabled, or false if it is not.

Licenses

Chainguard Images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" version of this image:

Apache-2.0
CC-PDDC
GCC-exception-3.1
GPL-2.0-only
GPL-2.0-or-later
GPL-3.0-or-later
LGPL-2.1-or-later

For a complete list of licenses, please refer to this Image's SBOM.

Software license agreement

Compliance

This is a FIPS validated image for FedRAMP compliance.

This image is STIG hardened and scanned against the DISA General Purpose Operating System SRG with reports available.

Learn more about STIGs Get started with STIGs

Related images