SecureAuth Version Affected: All versions
When installing SecureAuth Credential Provider v2.6.5 and above on a FIPS-compliant server, it gives the following error:
Error 1001. This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
In Credential Provider v2.6.5 and above, the encryption algorithm was moved to AES256, but utilized a non-FIPS library, which broke FIPS compliance. The Product Management team is aware of the issue and will have a FIPS compliant AES256 library in the next release of the Credential Provider.
There are two resolutions to this issue:
- Install the previous version of Credential Provider, version 2.1.11. This version utilizes 3DES, which is FIPS compliant.
- Upgrade to Login for Windows, which includes support for FIPS.
If you have any questions regarding this issue, please contact SecureAuth Support.