Previous Topic: Install Java Components for FIPS on JBoss/Windows ServersNext Topic: JBoss 5.1 FIPS Configuration

Configuration GuideSecurity and PermissionsHow To Enable FIPS 140-2 EncryptionConfigure FIPS Encryption

Configure FIPS Encryption

Out-of-the-box, CA GovernanceMinder does not use FIPS-compliant encryption. You can enable FIPS-compliant algorithms and key handling to implement FIPS encryption.

Important! You need administrator level rights in the Portal to perform this procedure.

Follow these steps:

  1. (JBoss 5.1) Explode ear and war files.
  2. In the CA GovernanceMinder portal, go to Administration, Settings.

    The Settings menu appears.

  3. Click Common Properties Settings, and modify these parameters:
    pbe.fips.enabled

    Specifies if CA GovernanceMinder uses FIPS-compliant encryption algorithms.

    • True—Use FIPS-compliant encryption.
    • False—Use non-compliant encryption.
    passphrase.getter.class

    Defines the Java class that is used to retrieve the encryption key.

    pbe.provider

    Defines the provider of the FIPS-compliant algorithms. To use the RSA JSafeJCE algorithms that CA provides, leave this property blank. If you specify another provider, copy that algorithm set to all computers running the CA GovernanceMinder server.

    Note: To save changes to a property, select Database Property from the Type drop-down list, and click Save.

  4. Restart the CA GovernanceMinder server or server cluster.