Skip to main content Skip to complementary content
Qlik Resources

FIPS compliance

Replicate is FIPS-compliant. FIPS (Federal Information Processing Standards) is a set of standards developed by the United States Federal Government for use in computer systems. FIPS 140-2 is the subset of standards which defines approved encryption algorithms used for handling sensitive information.

Prerequisites and considerations

  • In order for Replicate to work in FIPS mode, the operating system on which you want to install Replicate must already be running in FIPS mode.
  • Turning FIPS mode on or off after Replicate is installed is not supported. In such a case, the Replicate services will stop running and Replicate will need to be reinstalled.

FIPS-compliant endpoints

FIPS compliance in Replicate endpoints depends on whether the database or ODBC vendor supports the FIPS cryptographic standard. As this is not always the case, only the endpoints listed in the table below are FIPS compliant.

FIPS compliant endpoints
Endpoint Comments
File source and target -
IBM DB2 for z/OS source

The SSL connection is FIPS compliant. To connect using SSL, set the following internal parameters in the endpoint's Advanced tab:

  • UseSSL

    Enables SSL

  • SSLClientKeystoredb

    The SSL keystore database file that is used for an SSL connection with or without the CERTIFICATE authentication.

  • SSLClientKeystash

    The fully qualified path of the stash file ( .sth ), which stores an encrypted password to the key database file.

    -OR-

    SSLClientKeystoreDbPassword

    The password of the keystore in string format. This password is defined when the keystore is generated.

See also: Setting advanced connection properties
IBM DB2 for iSeries source

Supported with Replicate on Windows only. The SSL connection is FIPS compliant. To connect using SSL, set the useSSL internal parameter in the endpoint's Advanced tab.

See also: Setting advanced connection properties
IBM DB2 for LUW source

The SSL connection is FIPS compliant. To connect using SSL, set the following internal parameters in the endpoint's Advanced tab:

  • UseSSL

    Enables SSL

  • SSLClientKeystoredb

    The SSL keystore database file that is used for an SSL connection with or without the CERTIFICATE authentication.

  • SSLClientKeystash

    The fully qualified path of the stash file ( .sth ), which stores an encrypted password to the key database file.

    -OR-

    SSLClientKeystoreDbPassword

    The password of the keystore in string format. This password is defined when the keystore is generated.

See also: Setting advanced connection properties
Microsoft Azure ADLS target

Supported when using Azure Data Lake Storage (ADLS) Gen1 only.

See also: Setting general connection properties
Microsoft Azure Event Hubs target -
Oracle source and target For instructions on how to enable FIPS, see https://docs.oracle.com/cd/E28271_01/network.1111/e10746/asoappe.htm
Sybase ASE source To enable FIPS, set the EnableFIPS internal parameter in the endpoint's Advanced tab to true.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here