ssl-fips-enabled

ssl-fips-enabled

ssl-fips-enabled = {yes|no}

Description
Determines whether Federal Information Process Standards (FIPS) mode is enabled with runtime security services SOAP. Notes:
If no configuration entry is present, the setting from the global setting, determined by the Verify Access policy server, takes effect.
The [rtss-cluster:<cluster>] ssl-nist-compliance setting can override this entry. If ssl-nist-compliance is set to yes, FIPS mode processing is automatically enabled.

Options

yes FIPS mode is enabled.
no FIPS mode is disabled.

Usage: This stanza entry is required if both of the following conditions are true:
One or more of the cluster server entries use SSL. That is, at least one server entry specifies a URL that uses the HTTPS protocol.
A certificate is required other than the default certificate used by WebSEAL when communicating with the policy server.
If this entry is required, but it is not specified in the [rtss-cluster:<cluster>] stanza, WebSEAL uses the value in the global [ssl] stanza.
Default: None. To use a FIPS level that is different to the Verify Access policy server, edit the configuration file and specify a value for this entry.
Example:
ssl-fips-enabled = yes

Parent topic: [rtss-cluster:<cluster>] stanza