Previous Topic: For UNIX Installations in Non-Default Directories, Update the ca_wa_env.sh File Manually (72693)

Next Topic: Windows 2008 SP2 Silent Installation and DLL Files

Back Channel Connections Using AES Ciphers Fail on IIS 6.0

By default, the IIS 6.0 Web Server does not support the AES cipher suites. As a result, attempts to establish a back channel connection using only AES ciphers fail when running in FIPS-Only mode.

Workaround

To use AES cipher (non-FIPS 140) certificates for the back channel while running in FIPS-only mode, apply the following Windows update to add support for the AES cipher suites in Windows Server 2003:

http://support.microsoft.com/kb/948963/en-us

If you require a fully compliant FIPS-only environment, use only back channel certificates that are compatible with FIPS 140.


Copyright © 2010 CA. All rights reserved. Email CA about this topic