FIPS Compliant Image

FIPS 140-2 is a U.S. Federal Government security standard used to approve cryptographic modules. This section explains how Traefik Hub API Gateway is built with FIPS validated cryptographic libraries.

Use of FIPS Compatible Go module

For each Traefik Hub API Gateway version a specific Docker image is built using the Go option GOEXPERIMENT=boringcrypto.

In Go, the BoringCrypto module is a general-purpose cryptographic library that is FIPS 140–2.

Download the FIPS image

Replace the main Traefik Hub Gateway image with the FIPS one. To do so, set the major version as a prefix in the image tag. For example, to download the FIPS compliant Traefik Hub API Gateway image in version v3:

Helm
Docker

## values.yaml
image:
  registry: ghcr.io
  repository: traefik/traefik-hub
  tag: "v3-fips"

docker pull ghcr.io/traefik/traefik-hub:v3-fips

Use of FIPS Compatible Go module​

Download the FIPS image​

Use of FIPS Compatible Go module

Download the FIPS image