FIPS 140-2 API-enabled Elixir containers
This container contains Elixir configured on top of Erlang with --enable-fips for a FIPS mode crypto application. The container builds on an Alpine image compiled in FIPS mode.
This Docker image is not FIPS compliant. The OpenSSL FIPS Security Policy requires that "An independently acquired FIPS 140-2 validated implementation of SHA1 HMAC must be used for this digest verification." The SHA1 HMAC in this image is validated by a vanilla OpenSSL installation in the underlying Dockerfile. However, feel free to modify the underlying Dockerfile for use with a FIPS module you validate with your own FIPS 140-2 implementation.
The goal of this project is to provide a convenient image to build/test Erlang software in FIPS mode. It is not suitable for a production deployment when FIPS 140-2 compliance is required.