Configure CA EEM Server in FIPS-only Mode

CA EEM Getting Started › FIPS 140-2 Support › How to Configure CA EEM Server in FIPS-only Mode › Configure CA EEM Server in FIPS-only Mode

Configure CA EEM Server in FIPS-only Mode

When you configure CA EEM Server in FIPS-only mode, CA EEM uses only FIPS 140-2 compliant cryptographic libraries to encrypt and decrypt sensitive data.

Notes:

In FIPS-only mode, use IE7 (or above) or Firefox 3.0 (or above) to view the CA EEM admin GUI. For more information about how to configure Firefox in FIPS 140-2 mode, see the Firefox support site.
The following procedure is also valid for changing the security mode of the CA EEM Server from FIPS-only to non-FIPS or non-FIPS to FIPS -only.

To configure CA EEM in FIPS-only mode

Stop iGateway service.
Stop the CA Directory services using the following commands:
Windows
```
dxserver stop all
```
Linux and UNIX
```
su - dsa -c "dxserver stop all"
```
Open the iGateway.conf file and set the following tag to ON:
```
<FIPSMode>ON<FIPSMode>
```
Note: To change the mode from FIPS-only to non-FIPS, set FIPSMode tag to OFF.
Start the CA Directory services using the following commands:
Windows
```
dxserver start all
```
Linux and UNIX
```
su - dsa -c "dxserver start all" 
```
Start iGateway service.
CA EEM is configured in a FIPS-only mode.

Email CA Technologies about this topic