Using a FIPS 140-2 Compliant Image in Traefik Enterprise¶
FIPS 140-2 is a U.S. Federal Government security standard used to approve cryptographic modules. This document explains how Traefik Enterprise is built with FIPS validated cryptographic libraries.
Use of FIPS Compatible Go compiler.¶
Since the version v2.4.0, for each Traefik Enterprise version a specific Docker image is built using the Go compiler goboring.
This version of Go replaces the standard Go crypto libraries with the FIPS validated BoringCrypto module. See the readme for more details.
Download the FIPS image¶
You can get the latest FIPS image using the following command:
docker pull traefik/traefikee:fips
If you want to dowload a specific version, you have to set the version as a prefix in the image tag. For example, to download the FIPS compliant Traefik Enterprise image in version v2.4.5:
docker pull traefik/traefikee:v2.4.5-fips