Enabling FIPS 140 mode on a new installation

When you install a
product, FIPS 140 is not enabled by default. You must enable FIPS 140 on a clean installation or an upgrade, before the servers are started, using the following procedure:
  1. Back up the
    imk.dat
    ,
    brokerConnect.conf
    ,
    serverConnect.conf
    and
    clientConnect.conf
    files from the existing installation. These files are located in the
    BASEDIR/local/conf
    folder.
    The backup is necessary in case you need to disable FIPS 140 mode and remove FIPS 140-2 encryption.
  2. Run the following command at the command line prompt:
    sm_rebond --upgrade --basedir=<
    BASEDIR
    >/smarts
    sm_rebond --upgrade --basedir=C:\InCharge\SAM\smarts
  3. When prompted, type a password to regenerate the
    imk.dat
    file. The default password is
    Not a secret
    .
  4. Set the value for the parameter
    SM_FIPS140
    to
    TRUE
    in the
    runcmd_env.sh
    file. The file is located under the
    BASEDIR/smarts/local/conf
    directory.