Setting the Policy Server to FIPS-only mode configures the Policy Server to only read and write encrypted information using FIPS-compliant algorithms.
Important! Password Services locks out users whose Password Blobs are not re-encrypted when the Policy Server is operating in FIPS-only mode. A user cannot regain access until you have deleted the Password Blob and cleared any disabled flags. Deleting the Password Blob results in the loss of the user's password history.
Note: More information on identifying Password Blobs that are not re-encrypted exists in Verify that Password Blobs are Re-encrypted.
To set the Policy Server to FIPS-only mode
setFIPSonly
ONLY appears in the command window.
Note: More information on stopping and starting the Policy Server exists in the Policy Server Administration Guide.
Policy Server employing only FIPS-140 cryptographic algorithms.
The Policy Server is set to operate in FIPS-only mode.
You may now re-register each Administrative UI with its respective Policy Server.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |