FIPS 140-2 Mode and Key Size Requirement in MFT 5.7.x

View some of the Frequently Asked Questions to our support staff. Included are some tips and tricks making this forum ideal for users getting started with GoAnywhere MFT. Note: Users can reply to existing topics but only our support staff can add new topics to this forum.
1 post Page 1 of 1

Support_Philip

User avatar
Posts: 42
Joined: Wed Jun 21, 2017 8:12 am

Post by Support_Philip » Mon Jun 18, 2018 2:53 pm
Question:

What changes need to be made to accommodate the new FIPS provider library in MFT 5.7.x?

Answer:

When running FIPS in MFT version 5.7.0 and later, there are minimum key size requirements for RSA Keys. Any services in MFT that use SSL Certificates or SSH Keys (HTTPS, FTPS, SFTP for example) will need to utilize RSA key sizes 2048 bits or larger. You may need to create a new key pair with an RSA key that is 2048 (or higher) and replace the existing key for the service in order to be FIPS 140-2 compliant as well as adhere to the new FIPS 140-2 library. Here is an example of an RSA 2048 bit key size SSH Key, as well as SSL Certificate:
Image
Image
Philip Horn
Support Analyst
e. philip.horn@helpsystems.com
p. 1-800-949-4696
w. GoAnywhere.com | HelpSystems.com
1 post Page 1 of 1