docs: Update FIPS compliance document (#847)

* docs: Update FIPS compliance document

* docs: Update FIPS compliance document

README.md

@@ -23,12 +23,15 @@ A Node.js interface to the [Box Content API](https://developer.box.com/reference
   - [App Auth Client](#app-auth-client)
 - [Using the Client to Make API Calls](#using-the-client-to-make-api-calls)
   - [Constructing API Calls Manually](#constructing-api-calls-manually)
+- [FIPS 140-2 Compliance](#fips-140-2-compliance)
 - [Versions](#versions)
   - [Supported Version](#supported-version)
   - [Version schedule](#version-schedule)
 - [Questions, Bugs, and Feature Requests?](#questions-bugs-and-feature-requests)
 - [Contributing to the Box Node.js SDK](#contributing-to-the-box-nodejs-sdk)
 - [Changelog](#changelog)
+- [Upgrades](#upgrades)
+- [Documentation](#documentation)
 - [Copyright and License](#copyright-and-license)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
@@ -224,6 +227,15 @@ client.del('/files/123');
 	.catch(error => { /* handle any errors */ });
 ```
 
+## FIPS 140-2 Compliance
+
+The Box Node SDK allows the use of FIPS 140-2 validated SSL libraries, such as OpenSSL 3.0.
+However, some actions are required to enable this functionality.
+
+By default, the version of OpenSSL Node.js includes is not FIPS enabled. Therefore, if you want to use OpenSSL 3.0 with FIPS, you need to [build OpenSSL 3.0 with FIPS enabled](https://github.com/openssl/openssl/blob/master/README-FIPS.md) and then build Node.js use the shared OpenSSL 3.0 library.
+
+According to [Node.js OpenSSL Strategy](https://github.com/nodejs/TSC/blob/main/OpenSSL-Strategy.md) document, you can use the OpenSSL 3.0 from Node.js v16 or later.
+
 ## Versions
 We use a modified version of [Semantic Versioning](https://semver.org/) for all changes. See [version strategy](VERSIONS.md) for details which is effective from 30 July 2022.