Federation Manager GuideMigrate Federation Manager to Use FIPS EncryptionHow To Migrate from FIPS_COMPAT Mode to FIPS-Only ModeObtain FIPS-Compatible SSL Certificates (Optional) › Upload the FIPS-Compatible Certificate

Previous Topic: Request a FIPS-Compatible Server Certificate

Next Topic: Open Format Cookie Details
Upload the FIPS-Compatible Certificate

After you acquire a new certificate, upload it to the key store. If you requested more than one certificate, upload each one separately.

To upload a new certificate

  1. Navigate to Infrastructure, SSL Configuration.

    The SSL Configuration dialog displays.

  2. Click Browse next to the Signed Certificate Response field to locate the new signed response file.

    Note: You only need one key and certificate pair for the SSL features because SSL does not support more than one pair.

  3. Select the CA that signed the SSL certificate from the pull-down menu in the CA Certificate field.

    If the CA certificate is not in the key store, import a copy of the CA certificate used to sign the SSL certificate request.

  4. Click Import to import the certificate and complete the import steps.
  5. Click Apply to upload the server certificate to Federation Manager.

    A confirmation message is displayed and the SSL Configuration changes to reflect that the certificate is now updated.

  6. Click Activate and restart the SSL configuration.

    The FIPS Approved status must read True, indicating the certificate is FIPS-compatible.

  7. Restart the Federation Manager services, according to your operating environment.

The server certificates for SSL configuration are now FIPS-compatible.

Copyright © 2010 CA. All rights reserved. Email CA about this topic