Disabling FIPS
140
You can disable FIPS 140 mode.
Replace the
imk.dat, brokerConnect.conf, serverConnect.conf
, and
clientConnect.conf
files in the
<BASEDIR>/smarts/local/conf
folder, with the copies saved from
prior to enabling FIPS 140.
If you do not have a
copy of these files saved, contact technical support.
- Set the value for theSM_FIPS140parameter toFALSEin theruncmd_env.shfile.
- Downgrade theimk.datand the*Connect.conffiles with encrypted passwords.RPS files started under FIPS mode cannot be re-used in non-FIPS mode. Domains will have to be started either from scratch or pre FIPS RPS files can be used in cases where topologies have not changed. Restoring from older RPS files may not be productive as it will not contain any recent topology.
- Restart all processes, such as the domain,Broker, and the console.Do not remove the Unlimited Strength Jurisdiction Policy JAR files.