I’m researching Duplicati to backup my linux servers. I’m running Ubuntu 18.04 LTS with the FIPS 140-2 certification.
Does Duplicati use the server’s cryptographic module (Ubuntu 18.04 Kernel Crypto API Cryptographic Module) or does it use its own? I believe is its using the servers module, then this would by extension mean Duplicati is also FIPS 140-2 certified, right?
There is also encryption for SSL/TLS, and this is done by underlying code. For Ubuntu that’s probably an instance of BoringSSL. FIPS Certification talks about lack of FIPS-140 in mono. Validated module search:
