Enabling NIST SP800-131A compliance on a server with a stand-alone WebSphere Application Server
The BigFix® Remote Control Server uses the middleware infrastructure that is provided by WebSphere® secure HTTP communications. Therefore, to enable NIST SP800-131A compliance for a manual BigFix® Remote Control Server installation you must configure BigFix® Remote Control Server and WebSphere®.
About this task
To enable NIST SP800-131A compliance for a manual server installation, complete the following steps after you install the server.
Procedure
- Configure WebSphereThe WebSphere® documentation describes how to enable NIST SP800-131A in WebSphere®. Follow the instructions relevant to your version of WebSphere®.
- WebSphere Application Server:®
- WebSphere® Application Server Network Deployment:
- WebSphere® Application Server - Express™:
- Log on to the BigFix® Remote Control Server with a valid admin ID and password.
- Click
- In the common.properties file set sp800131a.compliance to true.
- Click Submit.
- Click .
-
Restart the server service.
For more information about restarting the server service, see Manage the component services. Follow the steps in the section that is relevant to your operating system.
Results
Note: NIST SP800-131A enablement changes in WebSphere®
affect all other applications that are running on that server. Therefore, browser settings for the
users who access those other applications must be changed to support Transport Layer Security (TLS).
To enable TLS in Internet Explorer, complete the following steps.
- Click .
- On the Advanced tab, select Use TLS 1.2.
- Click Apply.
- Click OK.
To enable TLS in Firefox, complete the following steps.
- In the browser, go to the about:config page.
- Click I'll be careful, I promise.
- In the search field search for security.tls.version.max.
- Set the value to 3.