How To Enable FIPS 140-2 Encryption

Installation Guide › Configuring the Server Post Installation › Optional Configuration Procedures › How To Enable FIPS 140-2 Encryption

How To Enable FIPS 140-2 Encryption

FIPS 140-2 is a US federal standard that dictates the security requirements for cryptographic modules utilized within a security system protecting sensitive information in computer systems.

CA RCM makes limited use of encryption, primarily to protect passwords and other information used to access other applications, databases, or operating environments.

To enable FIPS 140-2 compliant encryption in CA RCM, do the following:

Implement Transport Layer Security (TLS/SSL) protection at the application server level.
Provide an acceptable level of key (passphrase) security.
Download and install Java security components.
Configure CA RCM to use FIPS-certified encryption algorithms. CA uses the RSA Crypto‑J library for FIPS-compliant encryption.

Important! If FIPS-compliant encryption is adopted after CA RCM begins to function, inconsistencies can result. Previously encrypted data can be rendered inaccessible, and passwords must be redefined. Select algorithms and a key storage method, and implement FIPS-compliant encryption immediately after installation, before you begin to work with CA RCM.

More information:

Portal Support for SSL-Encrypted Communication

SSL, Authentication, and Certificates

Email CA Technologies about this topic