- Perform steps 1 - 3 as described in the section, Enabling FIPS 140 mode on a new installation
- Go to the <BASEDIR>/CONSOLE/smarts/notif/editor/ or the <BASEDIR>/SAM/smarts/notif/editor folder, and edit the NotifGui.bat/NotifGui.sh file to replace the string, “com.netmg.notif.gui.NotifApplication” with “-Dcom.smarts.fips_mode=true com.netmg.notif.gui.NotifApplication.”
- Set the value for the parameter SM_FIPS140 to TRUE in the runcmd_env.sh file. This file is located under the <BASEDIR>/CONSOLE/smarts/local/conf folder of your Global Console installation.
Use "-Dcom.smarts.fips_mode=true" as a command line parameter for the sm_gui command.Note: If you install the servers as a service on Linux platforms, the services will start automatically after you issue the sm_rebond command. First stop the services, modify SM_FIPS140=TRUE in the runcmd_env.sh file, and then manually start the services.After enabling FIPS 140 mode, when you start the broker and the SAM server, you may see the following message in the server log:
“CI-W-NOCGSS-No certificate loaded for INCHARGE-AM, generating self-signed certificate.”
This message is generated because FIPS 140 requires secure communication, which can be achieved using SSL. If this certificate is not available, the SAM Manager generates a self-signed certificate. This message is benign in nature and does not impact functionality.