Guarantee strong encryption by enabling ‘FIPS mode’ with RHEL and HAProxy Enterprise.
Watch our on-demand webinar “Achieving FIPS 140-2 Encryption Compliance with HAProxy Enterprise on Red Hat Enterprise Linux”.
SSL and its successor TLS are protocols that safeguard web traffic as it crosses the Internet, encrypting communication and protecting it from tampering. However, the encryption algorithms within these protocols are subject to change over time as vulnerabilities are discovered or as better encryption methods become available. For example, the MD5 algorithm is considered insecure, and you shouldn’t use it.
The U.S. federal government goes to great lengths to ensure that only strong algorithms are used by federal agencies. It mandates that any software that uses SSL or TLS should adhere to a strict standard called FIPS 140-2, developed by the National Institute of Standards and Technology (NIST) by the Federal Information Security Management Act (FISMA). If you are responsible for choosing a load balancer for your applications and you work for the U.S. government or another industry that adheres to FIPS, such as healthcare or finance, then finding one that is FIPS compatible is required.
The good news is that you don’t need to invest in the most expensive load balancer to be compliant. You can offload TLS encryption to HAProxy Enterprise as a more economical solution. There are plenty of reasons to prefer HAProxy Enterprise for TLS. It’s a battle-tested and cost-effective way to offload the CPU-intensive work of encryption from your application servers, and it’s routinely updated with the latest SSL/TLS features. For example, it can use ALPN for negotiating the application protocol, OCSP stapling for exchanging revocation lists, and it provides easy settings for controlling which versions of SSL/TLS and their associated ciphers are allowed.
HAProxy Enterprise does not itself implement encryption algorithms but instead relies on the OpenSSL library present on the Linux system where it runs. As long as the version of OpenSSL installed on the system is FIPS certified, you can use the HAProxy Enterprise load balancer without worry. In this blog post, you’ll learn how to enable FIPS mode on Red Hat Enterprise Linux 8 (RHEL) to ensure that only strong SSL/TLS algorithms can be used with HAProxy Enterprise.
Advances in OpenSSL FIPS Validation
The OpenSSL project maintainers do a lot to keep the Internet secure. One way is by gathering together various organizations like Akamai, Blue Cedar, NetApp, Oracle, and VMWare to sponsor the initiative to make the latest version 1.1.1 of OpenSSL FIPS certified. Currently, only OpenSSL version 1.0.2 is officially certified by NIST, and that version does not support TLS 1.3. There’s ongoing work to certify version 1.1.1, with a push to overhaul how the OpenSSL FIPS module works. Technically, the components of OpenSSL that need to be certified were separated into a module called the OpenSSL FIPS Object Module, but I digress.
Luckily, Red Hat has done work in parallel to get its own version of OpenSSL 1.1.1 FIPS certified so that you don’t need to wait. So, if you run RHEL 8, you can adhere to FIPS while using the latest version of OpenSSL and an HAProxy Enterprise load balancer for TLS termination. How this works is that RHEL can be put into FIPS mode, which locks down all of the cryptographic components on the operating system to only allow certain algorithms to be used. That list of affected components includes OpenSSL. So, even if you tried to configure HAProxy Enterprise to use a deprecated algorithm, the call to the OpenSSL library would fail.
How to Enable FIPS Mode in RHEL 8
Red Hat Enterprise Linux 8 ships with a version of OpenSSL that’s ready to flip into FIPS-only mode. Check that your version of OpenSSL lists the FIPS feature:
$ openssl version | |
OpenSSL 1.1.1c FIPS 28 May 2019 |
A command-line tool called fips-mode-setup
changes the system to FIPS mode. First, check whether FIPS mode is already enabled:
$ sudo fips-mode-setup --check | |
Installation of FIPS modules is not completed. | |
FIPS mode is disabled. |
You will see a message informing you that FIPS mode is not yet enabled. Next, pass the --enable
flag to the fips-mode-setup
command to turn on FIPS mode:
$ sudo fips-mode-setup --enable | |
Kernel initramdisks are being regenerated. This might take some time. | |
Setting system policy to FIPS | |
Note: System-wide crypto policies are applied on application start-up. | |
It is recommended to restart the system for the change of policies to fully take place. | |
FIPS mode will be enabled. | |
Please reboot the system for the settings to take effect. |
You will see a message that says that FIPS mode will be enabled but that it requires a reboot. After rebooting, check the status again, and you should see that FIPS mode is now enabled:
$ sudo fips-mode-setup --check | |
FIPS mode is enabled. |
Try creating an MD5 hash, which isn’t allowed under FIPS, and you should be greeted with an error message. That tells you that FIPS is working:
$ openssl md5 /dev/null | |
Error setting digest | |
139634625394496:error:060800C8:digital envelope routines:EVP_DigestInit_ex:disabled for FIPS:crypto/evp/digest.c:135: |
Looking for further evidence that FIPS is enabled? These commands should also show it:
$ cat /proc/sys/crypto/fips_enabled | |
1 | |
$ sysctl crypto.fips_enabled | |
crypto.fips_enabled = 1 |
In addition to removing or disabling non-FIPS compatible encryption ciphers, RHEL also provides a way to centrally manage which ciphers you prefer and in which order. Its system-wide crypto policies define profiles that store that information, to which applications like HAProxy can defer. That way, you avoid needing to add lists of specific encryption ciphers in each application. You can verify that the default system-wide crypto policy is FIPS by calling the update-crypto-policies
command with the --show
argument:
$ update-crypto-policies --show | |
FIPS |
Configure HAProxy Enterprise
After you install HAProxy Enterprise, you tune it via its configuration file, /etc/hapee-2.1/hapee-lb.cfg. By adding the following frontend
section, which has a bind
line that accepts HTTPS traffic on port 443, you can enable TLS termination at the load balancer:
frontend fe_main | |
bind :80 | |
bind :443 ssl crt /etc/hapee-2.1/certs/ssl.pem ssl-min-ver TLSv1.2 ciphers PROFILE=SYSTEM ciphersuites PROFILE=SYSTEM | |
http-request redirect scheme https unless { ssl_fc } | |
default_backend servers |
For this example, I am using the self-signed SSL certificate that comes with HAProxy Enterprise. Notice that on the bind
line, the ciphers
and ciphersuites
parameters are set to PROFILE=SYSTEM to restrict the encryption algorithms that the load balancer can use to the system-wide crypto policy. You set it twice, once with ciphers
and again with ciphersuites
, because the syntax for specifying cipher strings in OpenSSL changed for TLS 1.3 to use the cipher suites keyword. Restart the HAProxy Enterprise service to put this into effect:
$ sudo systemctl restart hapee-2.1-lb |
If you’re interested to know exactly which algorithms the cipher string above will allow, you can pass it to the openssl ciphers
command, like this:
$ openssl ciphers PROFILE=SYSTEM | |
# List of algorithms is displayed⦠|
Now, HAProxy Enterprise will only attempt to use TLS algorithms that are allowed by the system, which is in FIPS mode.
Conclusion
In the blog post, you learned how to use HAProxy Enterprise for TLS encryption in an environment that requires FIPS. Red Hat Enterprise Linux 8 provides FIPS-certified cryptographic components, including an updated version of OpenSSL 1.1.1, which HAProxy invokes. This setup allows you to use HAProxy Enterprise as your preferred load balancer without running afoul of federal government guidelines.
Want to stay up to date on similar topics? Subscribe to this blog! You can also follow us on Twitter and join the conversation on Slack.
HAProxy Enterprise is the world’s fastest and most widely used software load balancer. It powers modern application delivery at any scale and in any environment, providing the utmost performance, observability, and security. Organizations harness its cutting-edge features and enterprise suite of add-ons backed by authoritative expert support and professional services. Ready to learn more? Contact us and sign up for a free trial.
Subscribe to our blog. Get the latest release updates, tutorials, and deep-dives from HAProxy experts.