Set the Policy Server to FIPS-only Mode

Installation Guides › Upgrade Guide › Using FIPS-Compliant Algorithms › How to Configure FIPS-only Mode › Set the Policy Server to FIPS-only Mode

Set the Policy Server to FIPS-only Mode

Setting the Policy Server to FIPS-only mode configures the Policy Server to only read and write encrypted information using FIPS-compliant algorithms.

To set the Policy Server to FIPS-only mode

Open a command prompt from the machine hosting the Policy Server and run the following command:
```
setFIPSonly
```
ONLY appears in the command window.
Stop the Policy Server.
Note: More information on stopping and starting the Policy Server exists in the Policy Server Administration Guide.
Do one of the following:
- If the Policy Server is installed on a Windows system, reboot the machine.
- If the Policy Server is installed on a UNIX system, do the following:
  1. Log in as the user that is used to start the Policy Server
  2. Open a command prompt
  3. Navigate to policy_server_home
  4. Run the following command: . ./ca_ps_env.ksh
Start the Policy Server.
Open the smps.log file and verify that the following line appears:
```
Policy Server employing only FIPS-140 cryptographic algorithms.
```
Close the log file.
The Policy Server is set to operate in FIPS-only mode.
Repeat the latter steps for each Policy Server in the environment.

You may now re-register each Administrative UI with its respective Policy Server.

Email CA Technologies about this topic