Skip to content

Using a FIPS 140-2 Compliant Image in Traefik Enterprise

FIPS 140-2 is a U.S. Federal Government security standard used to approve cryptographic modules. This document explains how Traefik Enterprise is built with FIPS validated cryptographic libraries.

Use of FIPS Compatible Go compiler.

Since the version v2.4.0, for each Traefik Enterprise version a specific Docker image is built using the Go compiler goboring.

This version of Go replaces the standard Go crypto libraries with the FIPS validated BoringCrypto module. See the readme for more details.

Download the FIPS image

You can get the latest FIPS image using the following command:

docker pull traefik/traefikee:fips

If you want to dowload a specific version, you have to set the version as a prefix in the image tag. For example, to download the FIPS compliant Traefik Enterprise image in version v2.4.5:

docker pull traefik/traefikee:v2.4.5-fips