Golang with FIPS-140-2 certified SLE BCI openssl #4
dirkmueller
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
SUSE Linux Enterprise Server 15 SP4 and SP5 has shipped in the Development Tools module a variant of the golang compilersuite that produces crypto bindings to libopenssl. As there is a FIPS-140-2 certified openssl available in the SLE Security Certifications Module, this can be used to produce fully FIPS-140-2 compatible golang binaries.
The following go compiler versions are available currently:
The go1.21-openssl package is currently under development. Of course the SLE BCI team has been providing those as BCI containers as well. so instead of using
FROM registry.suse.com/bci/golang:1.20in your
ContainerfileorDockerfile, you can instead useFROM registry.suse.com/bci/golang:1.20-openssland as long as you build a dynamically linked binary, it will use the system provided openssl library to inherit the FIPS-140-2 compatibility.
As usual, for convenience SLE BCI is also providing the versions under
registry.suse.com/bci/golang:stable-opensslandregistry.suse.com/bci/golang:oldstable-opensslas well, so you don't need to update your build pipeline with new version when they come out.Also see the corresponding announcement on SUSE Communities.
Beta Was this translation helpful? Give feedback.
All reactions