Mule fips
Download as PPT, PDF0 likes566 views
This document discusses how to configure Mule ESB to run in FIPS 140-2 compliant mode. There are two requirements - installing a certified cryptography module in the Java environment and adjusting Mule ESB settings to run in FIPS security mode. It assumes familiarity with FIPS 140-2 and having obtained a certified security module. It provides examples of setting up RSA's BSAFE JCE provider in the Java environment and updating the Mule wrapper configuration file to run Mule in FIPS security mode.
More Related Content
Mule fips
- 1. MULE –FIPS 140-2Compliance Support
- 2. 2 Overview As of Mule3.5.0, Mule ESB can be configured to run in a FIPS 140-2 certified environment. Note that Mule does not run in FIPS security mode by default. There are two requirements: Have a certified cryptography module installed in your Java environment Adjust Mule ESB settings to run in FIPS security mode
- 3. 3 Assumptions This document assumesthat you are familiar with FIPS 140-2, the US government security standard that requires that compliant parties use only cryptographic security modules that have been certified by NIST. This document also assumes that you have selected and obtained a certified security module.
- 4. 4 Setting Up aFIPS 140-2 Java Environment Mule relies on the Java runtime to provide a FIPS-compliant security module, which is why the first requirement is to have a FIPS 140-2 Java environment properly set up. If you are setting up your system for FIPS compliance for the first time and you have not already configured a certified security provider, you must first select and obtain one, then set up your Java environment following the instructions specific to your selected provider.
- 5. 5 Details for thisprocess vary according to your selected security provider Please refer to the documentation for your security provider for complete instructions. Example Setup Instructions Using RSA’s BSAFE JCE Provider
- 6. 6 The following exampledemonstrates how to install and configure RSA’s BSAFE JCE provider. Install the required jar files into the $JAVA_HOME/lib/ext folder, as shown.
- 7. 7 Register the securityprovider in the security properties in the $JAVA_HOME/lib/security folder. Open the java.security file to add your provider’s class as the first item in the list of providers already present. In the example shown below, this is com.rsa.jsafe.provider.JsafeJCE
- 8. 8 Running Mule inFIPS Security Mode Next, set up your Mule instances to work in a FIPS 140-2-compliant environment by updating the configuration of the wrapper that launches the Mule application server. Open your wrapper.conf file (located in $MULE_HOME/conf folder). Uncomment the line that sets Mule to work in FIPS security mode, as shown. Be sure to replace the <n> with the next sequential number in your wrapper.conf file. Save.
- 9.
- 10.