Enable FIPS
WebSphere Portal tolerates IBM WAS support of Federal Information Processing Standards (FIPS). You can configure WAS to activate FIPS 140-2 compliant security modules. When you enable FIPS, you can use only FIPS to securely encrypt data. For this reason, also configure FIPS for systems that require secure transactions, which can include HTTP servers and LDAP servers.
You must install WebSphere Portal before enabling FIPS.
The tasks involved in enabling FIPS are specific to Web servers and WAS and do not involve any configuration steps in WebSphere Portal. The WAS Information Center contains several topics with information and instructions for enabling FIPS for HTTP servers. Refer to these topics as appropriate to learn whether you should enable FIPS and, if necessary, what steps to perform.If the portal environment includes an HTTP server and/or LDAP server and/or any other components that use secure connections, consult the appropriate documentation to determine the level of support for FIPS 140-2. However, environment does not have to include an HTTP server and/or LDAP server. You can enable FIPS on an out-of-box WebSphere Portal installation. Likewise, you do not have to enable FIPS for systems that do not require secure transactions. For example, if LDAP server is accessed via the LDAP protocol, rather than the secure LDAPS protocol, you do not need to enable FIPS for that LDAP server.
HTTP serversSee Securing applications at the transport level for Web services in the WAS Information Center for instructions. Note that you should also configure HTTP server to support TLS with FIPS enabled. Refer to the appropriate documentation for instructions.
LDAP serversRefer to the appropriate documentation to configure LDAP over SSL and to enable FIPS.
Enable FIPS for LDAP server only if it requires a secure connection. If you do not use an LDAP server or you do not connect to LDAP server over a secure connection, you do not need to enable FIPS for an LDAP server.
Parent
Securing
Federal Information Processing StandardsWAS v7.0: Securing applications at the transport level for Web services
WAS Network Deployment v7.0: Securing applications at the transport level for Web services