Enabling FIPS compliance on a server installation with a stand-alone WebSphere Application Server
About this task
The BigFix® Remote Control Server uses the middleware infrastructure that is provided by WebSphere® secure HTTP communications. Therefore, to enable FIPS for a manual BigFix® Remote Control Server installation requires that you configure WebSphere® for FIPS-compliant mode. You must also configure the BigFix® Remote Control Server through a setting in the common.properties configuration file.
To enable FIPS compliance for a manual installation, complete the following steps:
Procedure
-
Configure WebSphere
The WebSphere® documentation describes how to enable FIPS mode in WebSphere®.
- WebSphere® Application Server:
- WebSphere® Application Server Network Deployment:
- WebSphere® Application Server - Express™:
Note: Running in FIPS mode in IBM® WebSphere® with the IBM® JRE and the IBM® JSSE provider currently does not work when you use an MS SQL database. These options work with MS SQL when FIPS is not enabled in IBM® WebSphere. - Log on to the BigFix® Remote Control Server with a valid admin ID and password.
- Click
- In the common.properties file set FIPS.compliance to true.
- Click Submit.
- Click .
Results
Note: The FIPS enablement changes in WebSphere affect all other applications that are running on
the server. Therefore, browser settings for the users who access the other applications must be
changed to support Transport Layer Security (TLS), if required by their browser version.
For example, to enable TLS in Internet Explorer complete the following steps:
- Click .
- On the Advanced tab, select Use TLS 1.0.
- Click Apply
- Click OK.