|
|
|
The Java CS and the CA DLP CMS (Central Management Server) must be in the same FIPS 140 mode before the Java CS can use the CA DLP Connector to manage a CA DLP endpoint.
The following table shows the supported configuration modes for the Java CS and CA DLP CMS.
|
Java CS |
CA DLP CMS |
Supported |
Connection Type |
|---|---|---|---|
|
FIPS 140 Mode |
FIPS 140 Mode |
Yes |
TLS |
|
Non-FIPS 140 Mode |
Non-FIPS 140 Mode |
Yes |
Unauthenticated SSL |
|
FIPS 140 Mode |
Non-FIPS 140 Mode |
No |
N/A |
|
Non-FIPS 140 mode |
FIPS 140 Mode |
No |
N/A |
The CA DLP Connector detects whether the Java CS is running in FIPS 140 mode, and configures itself to communicate with the CA DLP endpoint using a FIPS 140 encrypted connection.
If the Java CS and the CA DLP CMS are both running in FIPS mode, you must install certificates that the CA DLP CMS trusts on the Java CS. The certificates are stored in a keystore, copied from the CA DLP CMS.
If the Java CS and the CA DLP CMS are both running in non-FIPS 140 mode, the CA DLP CMS uses unauthenticated SSL and a CA DLP keystore file is not required.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |