FIPS 140-2 Supported Platforms

Vertica uses a certified OpenSSL FIPS 140-2 cryptographic module to meet the security standards set by the National Institute of Standards and Technology (NIST) for Federal Agencies in the United States or other countries. Vertica links with OpenSSL 1.0.x to perform cryptographic operations. The minor version might change depending on the Vertica hotfix version and your operating system configuration. When operating in FIPS mode, Vertica relies on Red Hat Linux's FIPS configuration to ensure a FIPS-certified version of OpenSSL 1.0 is present in the environment.

Vertica has tested FIPS mode with the following FIPS-compliant operating systems and OpenSSL versions:

  • Red Hat Enterprise Linux 6.6 using OpenSSL 1.0.1e
  • Red Hat Enterprise Linux 7.8 using OpenSSL 1.0.2k

FIPS-enabled Vertica requires the following:

  • A user-generated certificate signed by an approved Certificate Authority
  • TLS 1.2 to support the server-client connection for a FIPS-enabled system

You cannot upgrade Vertica from version 7.x to a FIPS-enabled 8.0 system.

Supported Drivers

Vertica supports the following client drivers for FIPS-compliance:

  • vsql
  • ODBC
  • JDBC

FIPS-enablement is not supported in the Management Console.

For more information see Federal Information Processing Standard.