Enabling FIPS compliance on the controller

The Remote Control controller is a Java application that requires a FIPS certified cryptographic provider when FIPS compliance is enabled. In FIPS-compliant mode the Remote Control controller supports the BC-FJA (Bouncy Castle FIPS Java API) with the IBM Semeru Runtime Open Edition JRE on Windows, Linux and MacOS.

About this task

Starting from Remote Control Version 10.0 0 Update 6 (Build number 0612 or higher), the controller installation packages include the BC-FJA (Bouncy Castle FIPS Java API) FIPS certified cryptographic provider with the IBM® Semeru Runtime Open Edition JRE. When the controller is started from the Server Managed on OnDemand mode the FIPS compliance is controlled by a setting in the .trcjws start file.
Note: Only required if you are running the controller locally for establishing peer-to-peer sessions.
To set FIPS compliance on the Controller when operating in peer to peer mode update the local configuration as follows:
Edit the trc_controller.cfg file on the system that the controller is installed on.
Windows® systems
[controller install dir]\trc_controller.cfg

Where [controller install dir] is the installation directory that is chosen when you install the controller.

Linux® / UNIX® systems
/opt/bigfix/trc/controller/trc_controller.cfg

Set the fips.compliance property to True and save the file.

Results

Check to see whether the controller is configured for FIPS by completing the following step during a remote control session.

  • Click Controller tools > Show session information in the controller window.