Enable Bitnami FIPS mode in GCP

ravichandra.b.muthoj 2021-02-06 01:23:58 UTC #1

Keywords: General - Google Cloud Platform - Technical issue - Other
Description:
Hello,
Currently in our Dialog flow project a NodeJS instance has been deployed using a Google Marketplace Debian Linux image offered by Bitnami (OS Type and Version: bitnami-node-14-13-1-0-linux-debian-10-x86-64-nami), which is not FIPS compliant. This image has Apache and Nodejs in it. In order for us to be FIPS compliant, can GCP provide versions of their containers that contain the FIPS-enabled version of OpenSSL via GCP Market place.
Also if you have an alternate solutions like Suse Linux with OpenSSL container via GCP please let us know.
Please respond as this is critical to our business services operations.
Thanks.

gongomgra 2021-02-08 11:04:29 UTC #2

Hi @ravichandra.b.muthoj,

Thanks for using Bitnami. According to the official OpenSSL docs, OpenSSL 1.1.x is not FIPS compliant.

https://wiki.openssl.org/index.php/FIPS_modules

I also checked that OpenSSL 1.0.2 is out of official support since January 2020

https://www.openssl.org/news/vulnerabilities-1.0.2.html

Regarding your question about Suse Linux, I'm afraid we don't provide our assets for this operating system.

Regards,
Gonzalo

ravichandra.b.muthoj 2021-02-08 14:40:27 UTC #3

Thank you Gonzalo. I found below related to FIPS on Bitnami website : https://docs.bitnami.com/tutorials/bitnami-best-practices-hardening-containers/

FIPS
"If customers require compliance with FIPS 140-2, Bitnami containers can ship a FIPS-enabled version of OpenSSL."

Can Bitnami ship this image to us directly so that we can swap it on GCP?

gongomgra 2021-02-09 11:22:25 UTC #4

Hi @ravichandra.b.muthoj,

Thanks for your message. We have a service named Tanzu Application Catalog to provide customers with the required containers using their custom base OS image. Can you check the next link? The website also has an option to submit your questions or join the service if it fits your needs

https://tanzu.vmware.com/application-catalog

Regards,
Gonzalo

system 2021-02-23 11:22:25 UTC #5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Bitnami provides free all-in-one installers, virtual machines and cloud images for popular open source applications. Get them now!