When you install a 10.1.7 product, FIPS 140 is not enabled by default. You must enable FIPS 140 on a clean installation or an upgrade, before the servers are started, using the following procedure:
-
Back up the imk.dat, brokerConnect.conf, serverConnect.conf and clientConnect.conf files from the existing installation. These files are located in the BASEDIR/local/conf folder.
Note:The backup is necessary in case you need to disable FIPS 140 mode and remove FIPS 140-2 encryption.
-
Run the following command at the command line prompt:
sm_rebond --upgrade --basedir=< BASEDIR >/smarts sm_rebond --upgrade --basedir=C:\InCharge\SAM\smarts
-
When prompted, type a password to regenerate the imk.dat file. The default password is Not a secret.
-
Set the value for the parameter SM_FIPS140 to TRUE in the runcmd_env.sh file. The file is located under the BASEDIR/smarts/local/conf directory.