Java CS and CA DLP CMS (Central Management Server) must be in the same FIPS 140 mode before Java CS can use the CA DLP Connector to manage a CA DLP endpoint.
The following table shows the supported configuration modes for Java CS and CA DLP CMS.
|
Java CS |
CA DLP CMS |
Supported |
Connection Type |
|---|---|---|---|
|
FIPS 140 Mode |
FIPS 140 Mode |
Yes |
TLS |
|
Non-FIPS 140 Mode |
Non-FIPS 140 Mode |
Yes |
Unauthenticated SSL |
|
FIPS 140 Mode |
Non-FIPS 140 Mode |
No |
N/A |
|
Non-FIPS 140 mode |
FIPS 140 Mode |
No |
N/A |
The CA DLP Connector detects whether Java CS is running in FIPS 140 mode, and configures itself to communicate with the CA DLP endpoint using a FIPS 140 encrypted connection.
If Java CS and CA DLP CMS are both running in FIPS mode, you must install certificates that the CA DLP CMS trusts on Java CS. The certificates are stored in a keystore, copied from the CA DLP CMS.
If Java CS and CA DLP CMS are both running in non-FIPS 140 mode, the CA DLP CMS uses unauthenticated SSL and a CA DLP keystore file is not required.
|
Copyright © 2013 CA.
All rights reserved.
|
|