-
Documentation
-
Resolution: Obsolete
-
Major
-
None
-
7.3.1.GA
-
None
-
False
-
False
-
-
-
Undefined
-
Documentation [1] states that "The scope of this configuration example is limited to Red Hat Enterprise Linux 7 and later". We should also add that BouncyCastle is certified on multiple operating systems including Windows. One of the use cases for recommending a pure Java FIPS-certified JCA provider is that it simplifies running apps on multiple operating systems by limiting platform unique configurations. For example, EAP customers on Windows are FIPS 140-2 compliant when using the BouncyCastle certified jars.
The NIST website lists the certificates for bouncy castle. The certificate for their latest version is here [2]. The caveat field states the conditions where the certificate is considered valid.
[2]https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3514