PingAccess

Disabling FIPS Mode

About this task

Disable FIPS Mode to allow the use of non-FIPS compliant encryption. If your environment is clustered, perform this procedure on all nodes.

Steps

  1. Open the <PA Home>/conf/fips-mode.properties file.

  2. Set the pa.fips.mode property to false.

    pa.fips.mode=false

  3. Save and close the <PA Home>/conf/fips-mode.properties file.

  4. If you’re running PingAccess as a windows service, reconfigure the classpath for the libraries required for FIPS mode:

    1. Uncomment the following line:

      # set.default.BC_PATH=../../resource/bc/non-fips

    2. Comment out the following line or the BC_PATH environment variable to ../../resource/bc/fips that you set:

      set.default.BC_PATH=../../resource/bc/fips

    Learn more in the inline comments in the <PA_HOME>/sbin/windows/PingAccessService.conf file.

  5. Restart PingAccess.