You can activate or deactivate FIPS-validated cryptography on the vCenter Server Appliance by using HTTP requests. FIPS-validated cryptography is deactivated by default.

You can use various ways to execute HTTP requests. This task shows how to use the Developer Center in the vSphere Client to activate and deactivate the FIPS-validated cryptography on the vCenter Server Appliance. See VMware vCenter Server Management Programming Guide for more information about using APIs to work with the vCenter Server Appliance.

Procedure

  1. Log in to the vCenter Server system with the vSphere Client.
  2. From the Menu, select Developer Center.
  3. Click API Explorer.
  4. From the Select API drop-down menu, select appliance.
  5. Scroll down through the categories and expand system/security/global_fips.
  6. Expand GET and click Execute under Try it out.
    You can view the current setting under Response.
  7. Change the setting.
    1. To activate FIPS, expand PUT, enter the following in the request_body, and click Execute.
      {
      "enabled":true
      }
    2. To deactivate FIPS, expand PUT, enter the following in the request_body, and click Execute.
      {
      "enabled":false
      }

Results

The vCenter Server Appliance reboots after you activate or deactivate the FIPS-validated cryptography.