[keycloak-user] FIPS compliant

Stian Thorgersen sthorger at redhat.com
Thu Oct 1 03:34:25 EDT 2015


Keycloak is not FIPS compliant. There's basically two parts that would need
to be made FIPS compliant:

* SSL - this should be possible at the moment, Google for FIPS and WildFly
or EAP to see how to configure it
* OIDC/SAML - we use Bouncycastle for crypt which is not FIPS compliant,
but looking at
http://www.bouncycastle.org/wiki/display/JA1/Frequently+Asked+Questions
they have a FIPS compliant version in place

On 28 September 2015 at 23:27, Bhanu Kiran <getbhanu30 at gmail.com> wrote:

> Team,
>
>
>
> Please let us know if Keycloak is FIPS complained or how we can implement
> FIPS in keycloak ?
>
>
>
> Thanks
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151001/dce721f3/attachment.html 


More information about the keycloak-user mailing list