Federation Manager Installation and Upgrade Guide › Migrate Federation Manager to Use FIPS Encryption › How to Migrate from FIPS_COMPAT Mode to FIPS_Only Mode › Deactivate the SSL Configuration

Deactivate the SSL Configuration

The first step to migrate to FIPS Only mode is to deactivate SSL for the Embedded web server or Administrative UI section. If you did not activate SSL to begin with, skip this step.

To deactivate SSL

1. Begin at the SSL Configuration dialog.
2. Deactivate any active service. To do this, click Deactivate in the Embedded web server and/or Administrative UI section.

   A confirmation prompt is displayed asking if you want to disable SSL.

3. Click Yes to complete the deactivation.
4. Restart the federation services according to your operating environment.
   • Windows

     Use the stop and start shortcuts as follows. If you logged in as a network user and not a local administrator, right-click the shortcut and select Run as administrator.

     1. Start, All Programs, CA, FederationManager, Stop services
     2. Start, All Programs, CA, FederationManager, Start services
   • UNIX

     a. Open a command window.

     b. Run the following scripts:

     federation_mgr_home/fedmanager.sh stop

     federation_mgr_home/fedmanager.sh start

   Note: Do not stop and start the services as the root user.

The SSL connection is no longer active and the SSL Configuration Status setting changes to Server cert signed by CA, SSL ready. The certificate and key files remain so you can re-enable SSL.