CA SiteMinder® Federation Standalone Installation and Upgrade Guide › Migrate CA SiteMinder® Federation Standalone to Use FIPS Encryption › How to Migrate from FIPS_COMPAT Mode to FIPS_Only Mode › Set the Policy Engine to FIPS_MIGRATE Mode
Set the Policy Engine to FIPS_MIGRATE Mode
The first step to migrate to FIPS_Only mode is to configure the policy engine in FIPS_MIGRATE mode.
Follow these steps:
- Check that CA SiteMinder® Federation Standalone is in COMPAT mode. If it is not, reinstall and configure it to run in COMPAT mode.
- From a command prompt, run the setFIPSmigration command, as follows:
- Windows
-
Enter setFIPSmigration
- UNIX
-
- Navigate to federation_install_dir/siteminder/bin.
- Enter setFIPSmigration.ksh
- Run the environment script, ca_federation_env.ksh to set the environment variables.
The migration process begins.
- Do one of the following:
- Windows
-
Reboot the CA SiteMinder® Federation Standalone system.
- UNIX
-
Restart the CA SiteMinder® Federation Standalone services by executing the following scripts from a command window:
- federation_install_dir/fedmanager.sh stop
- federation_install_dir/fedmanager.sh start
Note: Do not stop and start the services as the root user. You must be a non-root user.
- Look at the smps.log file to verify that the policy engine is now in MIGRATE mode.
The location of the log file is federation_install_dir/logs/server/smps.log.
The policy engine is now operating in FIPS_MIGRATE mode.
Copyright © 2013 CA.
All rights reserved.
|
|