SecureAuth Version Affected: All versions
When installing SecureAuth Credential Provider v2.6.5 and above on a FIPS-compliant server, it gives the following error:
Error 1001. This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
In Credential Provider v2.6.5 and above, the encryption algorithm was moved to AES256, but utilized a non-FIPS library, which broke FIPS compliance. The Product Management team is aware of the issue and will have a FIPS compliant AES256 library in the next release of the Credential Provider.
There are two resolutions for this issue:
- Install the previous version of Credential Provider, version 2.1.11. This version utilizes 3DES, which is FIPS compliant.
- Wait for the next major release of the Credential Provider, named Login for Windows, that will include support for FIPS. It is currently scheduled to be released at the end of January 2018.
If you have any questions regarding this issue, please contact SecureAuth Support.