Previous Topic: Key Storage for FIPS-Compliant EncrpytionNext Topic: Password Tool Syntax

Configuration GuideSecurity and PermissionsHow To Enable FIPS 140-2 EncryptionPassword Tool

Password Tool

This FIPS-compliant password tool generates an encryption key from the command line. This functionality enables you to copy the generated FIPS key to an external file and use it for encryption.

The Password Tool is a ZIP file located in the following product package:

CA-RCM-12.6.01-CSM-Password-Tools.zip.

Follow these steps:

  1. Edit the pwdtools.bat/pwdtools.sh file for a valid Java path.
    1. Locate and open the pwdtools.bat/pwdtools.sh file in an editor, and locate the following text: 
      IF EXIST "%JAVA_HOME%" goto java_home_exists
    2. Replace the following with a valid Java path: 
      %JAVA_HOME%
    3. Save and close the file.
  2. Set the JAVA_HOME variable
  3. Locate the following ZIP file in the CA GovernanceMinder package: 
    CA-RCM-12.6.01-CSM-Password-Tools.zip.
  4. In the Portal, navigate to Administration, Settings, Common Property Settings and add the following property: 
    fips.file.location=fips_file_location

    Note: fips_file_location is the location of the external file generated by the CSM Password Tool using double backslashes (\\) in the path. For example:

    c:\\sub_folder1\\sub_folder2\\Fipskey.dat.

    If this property is not set, the product generates the FIPS key by default.

To use your external file for FIPS encryption with the product, go to the Portal and navigate to Administration, Settings, Comon Property Settings and add the following property:

fips.file.location=fips_file_location

where fips_file_location is the location of the external file generated by the Password Tool using double backslashes (\\) in the path, for example c:\\sub_folder1\\sub_folder2\\Fipskey.dat. If this property is not set, the product generates the FIPS key by default.