The exponential growth in developing applications and devices has put a spotlight on ensuring that both the end user and service provider's data is secure. Therefore, finding the right mix of security is crucial. For some high security requirement applications, ConfD’s out-of-the-box built-in crypto support, which is based on OpenSSL libcrypto, may not be sufficient.
The best approach to achieving FIPS mode support is to upgrade to ConfD 7.2 and make use of the new ConfD FIPS mode feature. However, if this is not possible, this application note also describes an older, deprecated approach to achieving high security by disabling various ConfD features and using existing mechanisms which were designed to allow the use of external components, e.g., OpenSSH instead of ConfD’s built-in SSH server.
Download this application note to learn how to use ConfD when your system has high security requirements.