Vijay,

Did you build the OpenLDAP binary from source or are you using a binary distribution from somewhere? Like Quanah already stated, you need to determine if the version of OpenSSL you linked against is FIPS compliant. The FIPS designation has nothing to do with OpenLDAP per se.

e.g. on my CentOS distro I can type

# openssl version
OpenSSL 1.0.2k-fips 26 Jan 2017

And it lets me know that OpenSSL is FIPS compliment. Then if I build OpenLDAP using the openssl libraries provided with my distro then I’m assuming it would then inherit some of this FIP-ness.

Sincerely,

Scott

On Jun 15, 2020, at 9:45 PM, Vijay Kumar <pasumarthivijaykumar@gmail.com> wrote:

Thank you Quanah,

As i mentioned, we are using OpenLDAP 2.4.48 version from https://www.openldap.org/ which internally uses OpenSSL
I would like to know, is this version of OpenLDAP with OpennSSL does FIPS compliant.?

Regards,
Vijay Kumar

On Mon, Jun 15, 2020 at 10:22 PM Quanah Gibson-Mount <quanah@symas.com> wrote:

--On Monday, June 15, 2020 5:03 PM +0530 Vijay Kumar
<pasumarthivijaykumar@gmail.com> wrote:

>
> Hi Team,
>
>
> We are using the version 2.4.48 OpenLDAP, we would like to know which
> versions of OpenLDAP which used OpenSSL are compliant towards FIPS 140.2
> standards.?

Hello,

Do *NOT* post to multiple lists.

The FIPS question is not really an OpenLDAP question at all. Either the
build of OpenLDAP you are using is linked to a FIPS version of OpenSSL or
it isn't. You'd need to find out from whomever provided your OpenLDAP
build (and that's assuming it's linked to OpenSSL) if that OpenSSL build is
FIPS enabled.

Reards,
Quaanh

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

--
Thanks & Regards,

Vijay Kumar

+91-94944 44009