Skip to main content Skip to complementary content

FIPS compliance

Warning noteThis version of Qlik Replicate does not support FIPS. Customers who require a FIPS-compliant Qlik Replicate version are advised to use Qlik Replicate November 2022 or May 2023.
Information noteSupported from Replicate May 2022 Service Release 02 only.

FIPS (Federal Information Processing Standards) is a set of standards developed by the United States Federal Government for use in computer systems. FIPS 140-2 is the subset of standards which defines approved encryption algorithms used for handling sensitive information. Replicate will work in FIPS mode if the following prerequisites have been met:

  • A FIPS-compliant Replicate version must be installed. To obtain the FIPS-compliant version, contact Qlik Support.

    Warning noteUpgrading from a non FIPS-compliant Replicate is not supported. You need to uninstall your current version before installing the FIPS-compliant version. Once you have installed the FIPS-compliant version, the next Replicate version that you upgrade to does not need to be FIPS-compliant (as you will already have all the FIPS-compliant software on your machine).
  • The operating system on which Replicate is installed is running in FIPS mode.

FIPS-compliant endpoints

FIPS compliance in Replicate endpoints depends on whether the database or ODBC vendor supports the FIPS cryptographic standard. As this is not always the case, only the endpoints listed in the table below are FIPS compliant.

FIPS compliant endpoints
Endpoint Comments
File source and target -
IBM DB2 for z/OS source

The SSL connection is FIPS compliant. To connect using SSL, set the following internal parameters in the endpoint's Advanced tab:

  • UseSSL

    Enables SSL

  • SSLClientKeystoredb

    The SSL keystore database file that is used for an SSL connection with or without the CERTIFICATE authentication.

  • SSLClientKeystash

    The fully qualified path of the stash file ( .sth ), which stores an encrypted password to the key database file.

    -OR-

    SSLClientKeystoreDbPassword

    The password of the keystore in string format. This password is defined when the keystore is generated.

See also: Setting advanced connection properties

IBM DB2 for iSeries source

Supported with Replicate on Windows only. The SSL connection is FIPS compliant. To connect using SSL, set the useSSL internal parameter in the endpoint's Advanced tab.

See also: Setting advanced connection properties

IBM DB2 for LUW source

The SSL connection is FIPS compliant. To connect using SSL, set the following internal parameters in the endpoint's Advanced tab:

  • UseSSL

    Enables SSL

  • SSLClientKeystoredb

    The SSL keystore database file that is used for an SSL connection with or without the CERTIFICATE authentication.

  • SSLClientKeystash

    The fully qualified path of the stash file ( .sth ), which stores an encrypted password to the key database file.

    -OR-

    SSLClientKeystoreDbPassword

    The password of the keystore in string format. This password is defined when the keystore is generated.

See also: Setting advanced connection properties

Microsoft Azure ADLS target

Supported when using Azure Data Lake Storage (ADLS) Gen1 only.

See also: Setting general connection properties

Microsoft Azure Event Hubs target -
Oracle source and target For instructions on how to enable FIPS, see https://docs.oracle.com/cd/E28271_01/network.1111/e10746/asoappe.htm
Sybase ASE source To enable FIPS, set the EnableFIPS internal parameter in the endpoint's Advanced tab to true.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!