Enable FIPS 140-2 compliant cryptography

Check out this video (7:04) for information about configuring WHD to be FIPS compatible.

Beginning in Web Help Desk 12.4.0, you can configure a new or existing Web Help Desk deployment for Federal Information Processing Standard (FIPS) 140-2 compliant cryptography. This compliance is required for computer systems installed in U.S. Federal Government agencies and companies in a regulated industry (such as healthcare and financial institutions) that share and distribute sensitive but unclassified (SBU) information.

If you are enabling FIPS in a new deployment, complete the installation procedures for a new deployment.

If you are enabling FIPS in an existing deployment:

  1. Complete the installation procedures for an existing deployment.
  2. Prepare for the database migration by running the Password Security Migration Tool.
  3. Migrate all client and tech passwords to FIPS 140-2 cryptography.

Enabling FIPS 140-2 compliant cryptography is optional and is not required to use Web Help Desk.

Network Security Services

The FIPS cryptography implements Network Security Services (NSS)—a set of open-source cryptographic libraries developed by Mozilla that support security-enabled client and server applications. When integrated with NSS, Web Help Desk can support public-key cryptography standards #11 (PKCS #11) certificates for FIPS compliance.

All connections through SSL to the external tools require a trusted certificate to be imported into the NSS database.

CA and self-signed certificates

After you configure FIPS in your deployment, you can obtain and import a signed certificate by a trusted Certificate Authority (for production environments) or a self-signed certificate (for test environments) to your NSS database to authenticate your Web Help Desk server identity in a secure HTTPS connection. When completed, your deployment is FIPS 140-2 compliant.

Web Help Desk 12.4.0 and later supports FIPS mode on supported Windows 64-bit operating systems.

Before you begin

Enabling FIPS 140-2 compliant cryptography requires careful planning and coordination with IT management and corporate personnel for a successful implementation. Review the requirements and procedures in this section to ensure you have the appropriate amount of time, hardware, software, and resources for your deployment.

FIPS 140-2 compliant cryptography is not recommended in a multiple-instance environment.

After you enable FIPS 140-2 compliant cryptography in your Web Help Desk deployment, you cannot revert back to your previous configuration.


SolarWinds recommends reviewing the following requirements before you enable FIPS 140-2 compliant cryptography in your Web Help Desk deployment.

Component Requirement
Web Help Desk 12.4.x and later
Hardware system Non-virtualized platform
Operating system

Windows Server 2012 (64-bit)

Windows Server 2012 R2 (64-bit)

Windows Server 2016

Windows Server 2019

Database 1

MySQL 5.7

PostgreSQL 9.2 (embedded)

PostgreSQL 9.3.2 (embedded)

PostgreSQL 9.4 (embedded)

PostgreSQL 9.6 (embedded)

SQL Server 2008 R2 SP3 2

SQL Server 2012 SP1 2

SQL Server 2014 2

SQL Server 2016 2

SQL Server 2017 2


Active Directory 2012

Active Directory 2012 R2

Open Directory 4

OpenLDAP 2.4

OpenLDAP 2.4.42

Mail server and protocols

Exchange Server 2010

Exchange Server 2013 CU7

Exchange Server 2016

Office 365

SMTP v3 3

Asset discovery connections

MySQL 5.7

SQL Server 2012 SP1

SQL Server 2014

SQL Server 2016

Windows Management Instrumentation (WMI)

Web browser

Google Chrome (Latest version)

Mozilla Firefox (Latest version)

Internet Explorer 9, 10, and 11

SolarWinds Integration

SolarWinds Network Configuration Manager

SolarWinds Network Performance Monitor

SolarWinds Server and Application Monitor

1 Single instance only.

2 SSL connections are not supported. Additionally, SolarWinds recommends running the database server on the same physical server running the Web Help Desk instance.

3 MD5 authentication is not supported.