FIPS support is Preview in v26.1 and will be GA in v26.2
CockroachDB v26.1 has been upgraded to use Go's native FIPS 140-3 support, transitioning from a previous OpenSSL-based approach. v26.1 is built with GOFIPS140=latest, which uses the current (non-frozen) implementation of the FIPS 140-3 Go Cryptographic Module v1.0.0 as it ships with Go 1.25. This version is not under NIST review and will not be FIPS 140-3 validated. v26.2 will complete this transition by using GOFIPS140=v1.0.0, which locks to the frozen v1.0.0 module from early 2025. The frozen module is on the CMVP Modules In Process List and can be deployed in certain regulated environments.
FIPS support is therefore marked as Preview in CockroachDB v26.1 and will return to General Availability (GA) status in v26.2.
As an Innovation release, CockroachDB v26.1 can be skipped. Production clusters running a v25.4 FIPS binary should be upgraded directly to a v26.2 FIPS binary (available May 2026) for continuous GA support of FIPS.
Recommendation for Production Deployments:
- Current FIPS users: Stay on v25.4 or wait for v26.2.
- New FIPS deployments: Wait for v26.2, or start on v25.4 and later upgrade directly to v26.2.
- Testing/non-production: v26.1 can be used for testing and evaluation.
What "FIPS support" means
When CockroachDB documentation refers to "FIPS support" or "FIPS-ready" deployments, this means CockroachDB can be configured to use FIPS 140-3-approved cryptographic algorithms and operate in accordance with a FIPS 140-3 cryptographic module's Security Policy. It does not mean that CockroachDB itself is FIPS 140-3 validated.
CockroachDB v26.1 uses the current (non-frozen) implementation of the Go FIPS 140-3 Cryptographic Module, which is not under NIST review and will not be FIPS 140-3 validated. v26.2 will use the frozen module version submitted for CMVP validation, enabling FIPS 140-3 validated operation upon module certification.
Overview of FIPS-ready CockroachDB
Federal Information Processing Standards (FIPS) 140-3 is a U.S. government standard that specifies security requirements for cryptographic modules. FIPS 140-3 provides measurable security guidelines for protecting sensitive but unclassified information. The standard is applicable to all federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems. U.S. and Canadian governments, as well as organizations working with them, may be subject to FIPS 140-3 requirements.
The Cryptographic Module Validation Program (CMVP) validates cryptographic modules to FIPS 140-3 and other cryptography-based standards. When a cryptographic module or library has a FIPS 140-3 certificate, it has been tested and formally validated under the CMVP as meeting the requirements for FIPS 140-3.
FIPS-ready CockroachDB binaries and Docker images are available for CockroachDB v23.1.0 and later. FIPS-ready CockroachDB runtimes run on Intel 64-bit Linux systems.
Starting with v26.1, FIPS-ready CockroachDB binaries are built using Go 1.25's native FIPS 140-3 support. The cryptographic operations are performed by Go's built-in cryptographic modules, which are independent of the host operating system's libraries. This represents a significant architectural change from previous versions (v25.4 and earlier), which used Red Hat's golang-fips toolchain with OpenSSL.
Migration from FIPS 140-2 to FIPS 140-3
Previous versions of CockroachDB (v25.4 and earlier) supported FIPS 140-2. Starting with v26.1, CockroachDB supports a cryptographic module designed for FIPS 140-3 support, though the version of that module that is in review by NIST for FIPS 140-3 certification will not be used by CockroachDB until v26.2. (Refer to the note on Go's native FIPS support at the top of this page.)
FIPS 140-2 will transition to historical status on September 22, 2026, per NIST's FIPS 140-3 Transition Effort.
For details about cryptographic algorithms and key lengths used by CockroachDB, refer to Details About Cryptographic Algorithms.
FIPS-ready features
When you use a FIPS-ready CockroachDB runtime, Cockroach Labs has verified that cryptographic operations in the following contexts meet the requirements of FIPS 140-3:
- Encryption At Rest
- Encrypted Backups
- Change Data Capture to Kafka over TLS
- Certificate-based Node-to-Node and Client-to-Node Authentication
- SASL SCRAM-SHA-256 Password Authentication
- SQL Cryptographic Built-in Functions
This page shows how to install and configure a FIPS-ready CockroachDB self-hosted runtime using Go's native FIPS 140-3 support.
Performance considerations
When comparing performance of the same workload in a FIPS-ready CockroachDB runtime to a standard CockroachDB runtime, some performance difference may be observed. The amount of performance impact depends upon the workload, cluster configuration, query load, and other factors.
Upgrading to a FIPS-ready CockroachDB runtime
Upgrading an existing CockroachDB cluster's binaries in-place to be FIPS-ready is not supported.
Operating System Requirements
FIPS-ready CockroachDB v26.1 uses Go's native cryptographic module, which is independent of the host operating system's libraries. The FIPS-ready binary can run on any Intel 64-bit Linux system.
The FIPS-ready CockroachDB Docker images are based on Red Hat's Universal Base Image 10. To use the FIPS-ready CockroachDB Docker image, skip directly to that section of this page.
Extend Red Hat's Universal Base Image 10 Docker image
If you do not want to use the FIPS-ready CockroachDB Docker image directly, you can create a custom Docker image based on Red Hat's Universal Base Image 10:
- You can model your Dockerfile on the one that Cockroach Labs uses to produce the FIPS-ready Docker image for CockroachDB.
- The FIPS-ready binary includes the FIPS 140-3 Go Cryptographic Module and does not require additional system libraries to be installed.
Download FIPS-ready runtimes
To download FIPS-ready CockroachDB runtimes, use the following links.
Testing releases
| Version | Date | Intel 64-bit Downloads | Intel 64-bit Docker Images |
| --- | --- | --- | --- |
| v26.1.0-rc.1 | 2026-01-22 | | cockroachdb/cockroach:v26.1.0-rc.1-fips |
| v26.1.0-beta.3 | 2026-01-14 | | cockroachdb/cockroach:v26.1.0-beta.3-fips |
| v26.1.0-beta.2 | 2026-01-07 | | cockroachdb/cockroach:v26.1.0-beta.2-fips |
| v26.1.0-beta.1 | 2025-12-17 | | cockroachdb/cockroach:v26.1.0-beta.1-fips |
| v26.1.0-alpha.2 | 2025-12-11 | | cockroachdb/cockroach:v26.1.0-alpha.2-fips |
| v26.1.0-alpha.1 | 2025-12-04 | | cockroachdb/cockroach:v26.1.0-alpha.1-fips |
Install the FIPS-ready CockroachDB runtime
After you download a FIPS-ready CockroachDB binary, install it in the same way as the standard binary. Refer to Install CockroachDB on Linux.
Upgrading from v25.4 FIPS to v26.1 FIPS
CockroachDB v26.1 represents a major architectural change in FIPS implementation, transitioning from the previous OpenSSL-based approach to Go's native FIPS cryptographic module. Because FIPS support is Preview in v26.1 and will return to GA in v26.2, production FIPS-ready clusters should remain on v25.4 or wait for v26.2.
Upgrading an existing CockroachDB cluster's binary in-place from non-FIPS to FIPS is not supported. Instead, you can restore your cluster to a new FIPS-ready cluster.
Verify that CockroachDB is FIPS-ready
To verify that the CockroachDB binary is FIPS-ready, use the cockroach version command and check for the FIPS enabled field:
cockroach version | grep -i fips
FIPS enabled: true
This indicates that CockroachDB was built with Go's native FIPS 140-3 support.
Change from previous versions: In v25.4 and earlier, FIPS-ready binaries showed fips appended to the Go version (e.g., go1.19.5fips). Starting with v26.1, FIPS status is indicated by the FIPS enabled: true field.
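The check above is easy to script, but a script that only greps for the word "fips" will accept both formats without telling you which one it saw, and will silently pass a v26.1 build that prints FIPS enabled: false if the grep is too loose. The following is an added example, not code from CockroachDB or its documentation: it parses the output of cockroach version and reports FIPS readiness using the two indicators this page describes, the FIPS enabled field (v26.1 and later) and the fips suffix on the Go version (v25.4 and earlier). The sample outputs embedded below are constructed to have the shape of cockroach version output; their build tags and dates are placeholders, and a standard build may omit the FIPS enabled line entirely, which the parser treats as not FIPS-ready.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Constructed samples in the shape of `cockroach version` output. The build
// tags and dates are placeholders, not real builds.
const (
	sampleV261FIPS = `Build Tag:        v26.1.0-rc.1
Build Time:       2026/01/22 00:00:00
Distribution:     CCL
Platform:         linux amd64 (x86_64-pc-linux-gnu)
Go Version:       go1.25.0
FIPS enabled:     true
Build Type:       release`

	sampleV261Standard = `Build Tag:        v26.1.0-rc.1
Go Version:       go1.25.0
FIPS enabled:     false
Build Type:       release`

	// Pre-v26.1 FIPS-ready builds marked the toolchain instead of printing a field.
	samplePreV261FIPS = `Distribution:     CCL
Go Version:       go1.19.5fips
Build Type:       release`
)

// fipsReady reads `cockroach version` output and reports whether the binary is
// a FIPS-ready build, returning the line that decided it. It accepts both
// formats described on this page: the "FIPS enabled" field printed by v26.1
// and later, and the "fips" suffix on the Go version used up to v25.4.
func fipsReady(versionOutput string) (bool, string) {
	sc := bufio.NewScanner(strings.NewReader(versionOutput))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		// Split on the first colon only: values such as build times contain colons.
		key, val, ok := strings.Cut(line, ":")
		if !ok {
			continue
		}
		key = strings.ToLower(strings.TrimSpace(key))
		val = strings.TrimSpace(val)
		switch key {
		case "fips enabled":
			// v26.1+: this field is authoritative, whatever the Go version says.
			return strings.EqualFold(val, "true"), line
		case "go version":
			// v25.4 and earlier: the golang-fips toolchain tags the Go version.
			if strings.HasSuffix(strings.ToLower(val), "fips") {
				return true, line
			}
		}
	}
	// Neither indicator present: not a FIPS-ready build.
	return false, ""
}

func main() {
	for name, out := range map[string]string{
		"v26.1 FIPS-ready":    sampleV261FIPS,
		"v26.1 standard":      sampleV261Standard,
		"pre-v26.1 FIPS-ready": samplePreV261FIPS,
	} {
		ok, line := fipsReady(out)
		fmt.Printf("%-21s fips=%-5v %q\n", name, ok, line)
	}
}
```

In practice you would feed the function the captured output of cockroach version (for example via exec.Command) and fail the deployment step when it returns false, so that a standard binary cannot be promoted to a cluster that is supposed to be FIPS-ready.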
Use the FIPS-ready CockroachDB Docker image
The FIPS-ready CockroachDB Docker image is based on Red Hat Universal Base Image 10 and includes the FIPS-ready CockroachDB binary.
Go to Download FIPS-ready Runtimes and copy the name of a FIPS-ready Docker image tag. The image tag format is cockroachdb/cockroach:v26.1.0-fips (replace with the specific version).
Pull the Docker image locally, create a new container that uses it, run the container, and attach to it. The following example gives the running container the name cockroachdb-fips-container. Replace {image_tag} with the name of the Docker image tag you copied. Docker options such as --name and -i must come before the image name; anything after it is passed as arguments to the container's entrypoint.
docker run --name="cockroachdb-fips-container" -i {image_tag}
In the running container, verify that CockroachDB is FIPS-ready.
To stop the container, use CTRL-C. To detach from the container but keep it running in the background, use the sequence CTRL+P, CTRL+Q.
Password Requirements in FIPS Mode
FIPS 140-3 has stricter requirements for password length compared to FIPS 140-2. When running a FIPS-ready CockroachDB binary, the minimum password length is 14 characters. This aligns with NIST's recommendation that HMAC keys should have a length of at least 112 bits, which translates to 14 ASCII characters.
Important for upgrades: Users with passwords shorter than 14 characters may be locked out when upgrading to v26.1 FIPS from an earlier version. Ensure all user passwords meet the minimum length requirement before upgrading.
Details about cryptographic algorithms
This section provides more information about the cryptographic algorithms and key lengths used by FIPS-ready CockroachDB.
Authentication
Inter-node and node identity
Algorithm: TLS 1.3 (RFC 8446).
Refer to Using Digital Certificates with CockroachDB.
Client identity
Password authentication
Algorithm: bcrypt or scram-sha-256.
Refer to SASL/SCRAM-SHA-256 Secure Password-based Authentication.
Client certificates
Algorithm: TLS 1.3 (RFC 8446).
Refer to Using Digital Certificates with CockroachDB.
GSSAPI / Kerberos
Not supported for FIPS-ready deployments.
SASL / SCRAM password authentication
Algorithm: scram-sha-256.
Refer to SASL/SCRAM-SHA-256 Secure Password-based Authentication.
JSON Web Tokens (JWTs)
Algorithms: Specified by the server.jwt_authentication.jwks cluster setting.
Refer to Cluster Single Sign-on (SSO) using a JSON web token (JWT).
DB Console Authentication via OIDC
Algorithm: Specified by the identity provider (IdP) as part of the OIDC handshake process.
Refer to Single Sign-on (SSO) for DB Console.
HTTP API access via login tokens
Algorithm: sha256 (RFC 6234).
Encryption
In flight
Algorithm: TLS 1.3 (RFC 8446).
Key sizes: Depends upon the cipher suite in use:
TLS 1.2:
- tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- If the COCKROACH_TLS_ENABLE_OLD_CIPHER_SUITES environment variable is set:
  - tls.TLS_RSA_WITH_AES_128_GCM_SHA256
  - tls.TLS_RSA_WITH_AES_256_GCM_SHA384
TLS 1.3:
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
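The suite names above are Go crypto/tls constants, so the list can be turned into a policy check for any Go client or proxy that talks to a FIPS-ready cluster. The following is an added example, not CockroachDB's own TLS setup or code from its documentation: it encodes the page's list as an allow-list, builds a tls.Config that offers only the listed TLS 1.2 suites, and audits a config for suites it could negotiate that are off the list. The hypothetical allowOld parameter stands in for the COCKROACH_TLS_ENABLE_OLD_CIPHER_SUITES switch; how CockroachDB itself reads that variable is not shown on this page. One point the audit makes visible is that crypto/tls does not let a config choose TLS 1.3 suites at all, so a plain (non-FIPS) Go build can still negotiate TLS_CHACHA20_POLY1305_SHA256, which is not on the page's list.

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// Suites this page lists as FIPS-ready: the TLS 1.2 set, the static-RSA pair that is
// admitted only when COCKROACH_TLS_ENABLE_OLD_CIPHER_SUITES is set, and the TLS 1.3 set.
var (
	fipsTLS12Suites = []uint16{
		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	}
	oldTLS12Suites  = []uint16{tls.TLS_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_RSA_WITH_AES_256_GCM_SHA384}
	fipsTLS13Suites = []uint16{tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384}
)

// hasSuite reports whether id appears in ids.
func hasSuite(ids []uint16, id uint16) bool {
	for _, s := range ids {
		if s == id {
			return true
		}
	}
	return false
}

// allowedTLS12Suites is the configurable allow-list, with or without the old suites.
// allowOld is a hypothetical stand-in for COCKROACH_TLS_ENABLE_OLD_CIPHER_SUITES being set.
func allowedTLS12Suites(allowOld bool) []uint16 {
	out := append([]uint16(nil), fipsTLS12Suites...)
	if allowOld {
		out = append(out, oldTLS12Suites...)
	}
	return out
}

// suiteAllowed reports whether a suite ID is on the page's list for either TLS version.
func suiteAllowed(id uint16, allowOld bool) bool {
	return hasSuite(allowedTLS12Suites(allowOld), id) || hasSuite(fipsTLS13Suites, id)
}

// newFIPSTLSConfig offers only the listed TLS 1.2 suites and refuses TLS 1.0 and 1.1.
// It is a config in the spirit of the page's list, not CockroachDB's own TLS setup.
func newFIPSTLSConfig(allowOld bool) *tls.Config {
	return &tls.Config{MinVersion: tls.VersionTLS12, CipherSuites: allowedTLS12Suites(allowOld)}
}

// isTLS13Only reports whether a suite from tls.CipherSuites() exists only in TLS 1.3.
func isTLS13Only(cs *tls.CipherSuite) bool {
	for _, v := range cs.SupportedVersions {
		if v != tls.VersionTLS13 {
			return false
		}
	}
	return true
}

// negotiableSuites lists everything cfg could end up agreeing on: the configured
// TLS 1.2 suites (approximated by Go's secure list when CipherSuites is nil, which
// covers everything the nil default may offer) plus Go's fixed TLS 1.3 set, which
// the CipherSuites field does not control at all.
func negotiableSuites(cfg *tls.Config) []uint16 {
	out := append([]uint16(nil), cfg.CipherSuites...)
	tls13Possible := cfg.MaxVersion == 0 || cfg.MaxVersion >= tls.VersionTLS13
	for _, cs := range tls.CipherSuites() {
		if isTLS13Only(cs) {
			if tls13Possible {
				out = append(out, cs.ID)
			}
		} else if cfg.CipherSuites == nil {
			out = append(out, cs.ID)
		}
	}
	return out
}

// auditConfig returns the IDs of negotiable suites that are off the page's list, so a
// config can be checked before a FIPS rollout. Print them with tls.CipherSuiteName.
func auditConfig(cfg *tls.Config, allowOld bool) []uint16 {
	var bad []uint16
	for _, id := range negotiableSuites(cfg) {
		if !suiteAllowed(id, allowOld) {
			bad = append(bad, id)
		}
	}
	return bad
}

func report(label string, cfg *tls.Config) {
	fmt.Printf("%s:\n", label)
	for _, id := range auditConfig(cfg, false) {
		fmt.Printf("  off-list: %s\n", tls.CipherSuiteName(id))
	}
}

func main() {
	report("Go default config", &tls.Config{})
	report("FIPS-list config (TLS 1.3 set still negotiable)", newFIPSTLSConfig(false))
	pinned := newFIPSTLSConfig(false)
	pinned.MaxVersion = tls.VersionTLS12 // only to show the audit passing; TLS 1.3 is preferred
	report("FIPS-list config capped at TLS 1.2", pinned)
}
```

The audit of the FIPS-list config still flags TLS_CHACHA20_POLY1305_SHA256: no tls.Config setting removes it in a standard Go build. That is the practical reason the page ties FIPS-ready TLS to the FIPS-ready binary rather than to a configuration file; the cipher restriction has to come from the cryptographic module the binary was built with.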
At rest
Customer-managed backups
AWS
Default encryption provided by the AWS Encryption SDK.
GCP
Default encryption provided by Google Cloud.
Data Encryption at Rest (EAR)
Algorithm: Advanced Encryption Standard (AES) encryption, in counter (CTR) mode.
Key sizes: The store key is specified by the user, and can be of length 16, 24, or 32 bytes (corresponding to AES-128, AES-192, or AES-256). Data keys are the same length as the store key.
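The store key lengths above are exactly the three key sizes AES defines, and the data keys inherit the store key's length, so a key of any other length is a configuration error rather than a weaker key. The following is an added example, not CockroachDB's Encryption At Rest code or its key file format: it enforces the 16/24/32-byte rule, derives a data key of the same length as the store key, and encrypts and decrypts a sample record with AES in CTR mode using Go's standard library. The store key below is an all-zero constructed placeholder standing in for a user-supplied key. CTR mode provides confidentiality only, so the example also shows that decrypting with the wrong key yields garbage rather than an error; integrity has to come from elsewhere.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// validateStoreKey enforces the lengths this page gives for Encryption At Rest
// store keys: 16, 24 or 32 bytes, selecting AES-128, AES-192 or AES-256.
func validateStoreKey(key []byte) error {
	switch len(key) {
	case 16, 24, 32:
		return nil
	}
	return fmt.Errorf("store key must be 16, 24 or 32 bytes, got %d", len(key))
}

// keyBits reports the AES variant a key selects (128, 192 or 256), for audits and logs.
func keyBits(key []byte) int { return len(key) * 8 }

// newDataKey draws a fresh random data key of the same length as the store key,
// matching the page's statement that data keys are the same length as the store key.
func newDataKey(storeKey []byte) ([]byte, error) {
	if err := validateStoreKey(storeKey); err != nil {
		return nil, err
	}
	k := make([]byte, len(storeKey))
	_, err := rand.Read(k)
	return k, err
}

// ctrEncrypt encrypts with AES-CTR under key. A fresh random 16-byte initial
// counter block is generated per message and returned in front of the
// ciphertext. CTR gives confidentiality only: it does not detect tampering.
func ctrEncrypt(key, plaintext []byte) ([]byte, error) {
	if err := validateStoreKey(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, aes.BlockSize+len(plaintext))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCTR(block, out[:aes.BlockSize]).XORKeyStream(out[aes.BlockSize:], plaintext)
	return out, nil
}

// ctrDecrypt reverses ctrEncrypt: the first block of data is the counter block.
// A wrong key is not detected; the output is simply wrong.
func ctrDecrypt(key, data []byte) ([]byte, error) {
	if err := validateStoreKey(key); err != nil {
		return nil, err
	}
	if len(data) < aes.BlockSize {
		return nil, errors.New("ciphertext shorter than the counter block")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(data)-aes.BlockSize)
	cipher.NewCTR(block, data[:aes.BlockSize]).XORKeyStream(pt, data[aes.BlockSize:])
	return pt, nil
}

func main() {
	storeKey := make([]byte, 32) // constructed all-zero placeholder for a user-supplied AES-256 key
	dataKey, err := newDataKey(storeKey)
	if err != nil {
		panic(err)
	}
	ct, err := ctrEncrypt(dataKey, []byte("constructed sample record"))
	if err != nil {
		panic(err)
	}
	pt, _ := ctrDecrypt(dataKey, ct)
	fmt.Printf("AES-%d store key, %d-byte data key, %d-byte ciphertext, decrypts to %q\n",
		keyBits(storeKey), len(dataKey), len(ct), pt)
	fmt.Println("20-byte key rejected:", validateStoreKey(make([]byte, 20)))
}
```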