1. Perform steps 1 - 3 as described in the section, “Enabling FIPS 140 mode on a new installation” on page 35.

  2. Go to the <BASEDIR>/CONSOLE/smarts/notif/editor/ or the <BASEDIR>/SAM/smarts/notif/editor folder, and edit the NotifGui.bat/NotifGui.sh file to replace the string, “com.netmg.notif.gui.NotifApplication” with “-Dcom.smarts.fips_mode=true com.netmg.notif.gui.NotifApplication.”

  3. Set the value for the parameter SM_FIPS140 to TRUE in the runcmd_env.sh file. This file is located under the <BASEDIR>/CONSOLE/smarts/local/conf folder of your Global Console installation.

    or

    Use "-Dcom.smarts.fips_mode=true" as a command line parameter for the sm_gui command.

    Note:

    If you install the servers as a service on Linux platforms, the services will start automatically after you issue the sm_rebond command. First stop the services, modify SM_FIPS140=TRUE in the runcmd_env.sh file, and then manually start the services.

    After enabling FIPS 140 mode, when you start the broker and the SAM server, you may see the following message in the server log: 

    “CI-W-NOCGSS-No certificate loaded for INCHARGE-AM, generating self-signed certificate.”

    This message is generated because FIPS 140 requires secure communication, which can be achieved using SSL. If this certificate is not available, the SAM Manager generates a self-signed certificate. This message is benign in nature and does not impact functionality.