Installation GuideConfiguring the Server Post InstallationOptional Configuration ProceduresHow To Enable FIPS 140-2 Encryption › Configure FIPS Encryption

Previous Topic: Install Java components for FIPS on JBoss/Windows Servers

Next Topic: Configure JBoss as a Windows Service
Configure FIPS Encryption

By default, CA RCM does not use FIPS-compliant encryption. You enable FIPS-compliant algorithms and key handling to implement FIPS encryption.

Note: You must have administrator-level rights in the CA RCM portal to perform this procedure.

To configure FIPS encryption

  1. Click Administration, Settings from the main menu of the CA RCM portal.

    The Settings menu appears.

  2. Click Common Properties Settings.
  3. Modify the following parameters to enable and configure FIPS-compliant encryption:
    pbe.fips.enabled

    Specifies if CA RCM uses FIPS-compliant encryption algorithms.

    • True—Use FIPS-compliant encryption.
    • False—Use non-compliant encryption.
    passphrase.getter.class

    Defines the Java class that is used to retrieve the encryption key.

    pbe.provider

    Defines the provider of the FIPS-compliant algorithms. Leave this property blank to use the RSA JSafeJCE algorithms that CA provides. If you specify another provider, copy that algorithm set to all computers running the CA RCM server.

    Note: To save changes to a property, select Database Property from the Type drop-down list, and click Save.

  4. Restart the CA RCM server or server cluster.