Ironbank NiFi IMAGE sha256:9de3478b latest-fips-bc, 1.27.0-fips-bc
Hello! I was hoping to understand if I am looking at a bug or misunderstanding something. I have downloaded the podman Ironbank NiFi IMAGE sha256:9de3478b latest-fips-bc, 1.27.0-fips-bc. The bouncycastle and FIPS references in the title lead me to believe this would be a FIPS compliant containerized NiFi implementation; however, I am not seeing that that is the case (I think), and I was hoping you could help. My command is looking for a FIPS compliant NiFi implementation. Here is why I am confused (the below are from the shell within the container after running it):
1) FIPS mode is disabled

    [nifi@af3497919e80 conf]$ fips-mode-setup --check
    Installation of FIPS modules is not completed.
    FIPS mode is disabled.
    [nifi@af3497919e80 conf]$

2) bouncycastle FIPS provider not used for the created keystore/truststore

    [nifi@af3497919e80 conf]$ keytool -list -keystore keystore.p12 -providerclass org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath JAVA_HOME/lib/bc-fips-1.0.2.3.jar
    Enter keystore password:
    [nifi@af3497919e80 conf] keytool -list -keystore keystore.p12 -providerclass org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath $JAVA_HOME/lib/bc-fips-1.0.2.3.jar
    Enter keystore password:
    Keystore type: PKCS12
    Keystore provider: SUN

    Your keystore contains 1 entry

    nifi-key, Sep 10, 2024, PrivateKeyEntry,
    Certificate fingerprint (SHA-256): FD:40:19:A9:52:B1:5E:C7:6E:2D:B3:51:04:77:64:A2:88:76:04:4B:FD:FC:80:C6:CA:8C:AF:8A:AC:0F:7F:62

3) non-FIPS bouncycastle providers still in $NIFI_HOME/lib/bootstrap
I would appreciate any assistance you could provide in understanding how to implement this in a FIPS compliant manner. Thanks in advance!