Gemini Community Support Site

This Gemini community support site can be used to find solutions to product issues. You can log in using Open Id, Google Profile and even Facebook. Feel free to ask a question or browse FAQs and documentation. Product tour videos are also available along with how-to videos demonstrating key Gemini capabilities.




v3.7.2: Gemini with FIPS compliant

web-app

Is there anyway to have Gemini running with FIPS option enabled in the Local Policy\Security Options?
Also the "The HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Control\Lsa\fipsalgorithmpolicy registry subkey is set to 1" ?

kha
· 1
kha
Replies (5)
helpful
0
not helpful

This is nothing to do with Gemini and with IIS and asp.net.
a quick search in google should help: http://support.microsoft.com/kb/911722


Saar Cohen
· 5000
Saar Cohen
helpful
0
not helpful

Well,  I think i should rephrase my question:

Here is the scenario:
1) Hosting server is windows 2008, before turning any FIPS compliant option on, i have Gemini working fine.
2) I have to turn on the FIPS complaint because it's required by the security procedure from client

There are 2 FIPS complaint options that we need to enable:
1) Local Security Policy -> Security Options -> System cryptopraphy: Use FIPS compliant algorithms for encryption, hashing, and signing
2) Registry key that I mentioned in my original post.

Before enabling any of the two FIPS options above, I got Gemini worked perfectly fine.  But as I enabled either or both FIPS option(s), viewing Gemini, I got error "Unable to validate data".  Once i disabled the FIPS complaint option, Gemini works again.

My questions:
1) Is there anyway to get Gemini work with the FIPS complaint enabled?
2) If not, is there any work around? 


kha
· 1
kha
helpful
0
not helpful

Did you see my post above?, it has a link to how you can do this.
Again, this is not a Gemini specific issue, but asp.net.


Saar Cohen
· 5000
Saar Cohen
helpful
0
not helpful

SaarCohen that link doesn't answer my answer.
My question is if Gemini is FIPS compliant?  If not, is there any workaround to make it FIPS compliant or make it run on a FIPS compliant server?

Here is the link about FIPS compliant, hope that clears up my question: http://www.infoworld.com/d/security-central/your-web-site-fips-compliant-393?page=0,0


kha
· 1
kha
helpful
0
not helpful

Gemini is not FIPS compliant as it uses ASP.NET. You should be able to run it on a FIPS compliant server using the workaround in the link I've posted.


Saar Cohen
· 5000
Saar Cohen