Summary
Example depicts MD5 for communication between all of the nodes in the cluster.
The 5.1 release included:
Enhancement | Failover Manager was upgraded to use the Bouncy Castle cryptographic library version 2.1.1.
This version of the Bouncy Castle cryptographic library is FIPS 140-3 certified which does not support MD5.
The 4.8 release included:
Enhancement | Encryption/decryption of database password will now work in a FIPS environment.
Where did you see the problem?
https://www.enterprisedb.com/docs/efm/latest/installing/prerequisites/#modify-pg_hbaconf
Expected behavior
Suggest to change to depict the ability to use secure authentication methods. Passwords should be encrypted with FIPS-compliant methods like scram-sha-256. Avoid older, non-compliant methods like md5.
# TYPE DATABASE USER CIDR-ADDRESS METHOD [OPTIONS]
# Allow local connections (optional, adjust as needed)
host all all 127.0.0.1/32 scram-sha-256
host all all ::1/128 scram-sha-256
# Allow communication between cluster nodes, enforcing SSL and FIPS-compliant auth
# Replace with actual IP ranges and specific user/database names if necessary
hostssl all all 10.0.0.0/8 scram-sha-256 clientcert=1
hostssl: Requires the connection to use SSL encryption.
clientcert=1: Optionally requires the client to present a valid SSL certificate, which can be part of a robust FIPS-compliant PKI setup for authentication.
Screenshots
No response
Browser / Platform
No response
Additional notes
Having clear guidance on what configurations should be set to run in a FIPS environment would be helpful - all together on one page.
FIPS 140-3 Configuration Questions
- General FIPS Compliance and Support
-
What are the official EDB requirements or prerequisites (OS, EFM version, database version) for running EFM in a FIPS 140-3-compliant setup?
-
Is there a specific FIPS mode flag or configuration parameter within EFM that needs to be enabled?
- Cryptography and Communication Security (SSL/TLS)
(This relates directly to the documentation section: "Configuring SSL authentication on a Failover Manager cluster")
-
Does EFM utilize the underlying operating system's FIPS 140-3 validated cryptographic module (e.g., OpenSSL FIPS mode) for all network communications (agent-to-agent, agent-to-database, and application-to-database connections)?
-
What TLS protocols (e.g., TLS 1.2, TLS 1.3) and FIPS-approved cipher suites are supported and required for secure inter-cluster communication?
-
How is key and certificate management handled securely within EFM to meet FIPS requirements for key generation, storage, and access control?
-
Are there any non-FIPS-compliant algorithms or legacy protocols that must be explicitly disabled in the EFM configuration?
- Database Connectivity and Replication
- What specific PostgreSQL/EDB Postgres Advanced Server configuration settings (e.g., ssl_ciphers, ssl_cert_file) must be aligned with FIPS 140-3 standards to ensure EFM's connectivity to the primary and standby nodes is compliant?
Summary
Example depicts MD5 for communication between all of the nodes in the cluster.
The 5.1 release included:
Enhancement | Failover Manager was upgraded to use the Bouncy Castle cryptographic library version 2.1.1.
This version of the Bouncy Castle cryptographic library is FIPS 140-3 certified which does not support MD5.
The 4.8 release included:
Enhancement | Encryption/decryption of database password will now work in a FIPS environment.
Where did you see the problem?
https://www.enterprisedb.com/docs/efm/latest/installing/prerequisites/#modify-pg_hbaconf
Expected behavior
Suggest to change to depict the ability to use secure authentication methods. Passwords should be encrypted with FIPS-compliant methods like scram-sha-256. Avoid older, non-compliant methods like md5.
hostssl: Requires the connection to use SSL encryption.
clientcert=1: Optionally requires the client to present a valid SSL certificate, which can be part of a robust FIPS-compliant PKI setup for authentication.
Screenshots
No response
Browser / Platform
No response
Additional notes
Having clear guidance on what configurations should be set to run in a FIPS environment would be helpful - all together on one page.
FIPS 140-3 Configuration Questions
What are the official EDB requirements or prerequisites (OS, EFM version, database version) for running EFM in a FIPS 140-3-compliant setup?
Is there a specific FIPS mode flag or configuration parameter within EFM that needs to be enabled?
(This relates directly to the documentation section: "Configuring SSL authentication on a Failover Manager cluster")
Does EFM utilize the underlying operating system's FIPS 140-3 validated cryptographic module (e.g., OpenSSL FIPS mode) for all network communications (agent-to-agent, agent-to-database, and application-to-database connections)?
What TLS protocols (e.g., TLS 1.2, TLS 1.3) and FIPS-approved cipher suites are supported and required for secure inter-cluster communication?
How is key and certificate management handled securely within EFM to meet FIPS requirements for key generation, storage, and access control?
Are there any non-FIPS-compliant algorithms or legacy protocols that must be explicitly disabled in the EFM configuration?