Enabling
FIPS 140 mode on a new installation
When you install a Smarts product, FIPS 140 is not enabled by default. You must enable FIPS
140 on a clean installation or an upgrade, before the servers are started, using the
following procedure:
- Back up theimk.dat,brokerConnect.conf,serverConnect.confandclientConnect.conffiles from the existing installation. These files are located in theBASEDIR/local/conffolder.The backup is necessary in case you need to disable FIPS 140 mode and remove FIPS 140-2 encryption.
- Run the following command at the command line prompt:sm_rebond --upgrade --basedir=<BASEDIR>/smartssm_rebond --upgrade --basedir=C:\InCharge\SAM\smarts
- When prompted, type a password to regenerate theimk.datfile. The default password isNot a secret.
- Set the value for the parameterSM_FIPS140toTRUEin theruncmd_env.shfile. The file is located under theBASEDIR/smarts/local/confdirectory.