Enabling FIPS Mode for SSL (HTTPS and FTPS) Connections

Refer to FIPS-Certified Libraries for detailed information about FIPS before enabling FIPS mode.

After you enable or disable FIPS mode, you must restart the EFT Server service.

To enable FIPS mode for SSL Connections

1. In the administration interface, connect to EFT Server and click the Server tab.

2. In the left pane, click the Server node on which you want to enable FIPS mode.

3. In the right pane, click the Security tab.

4. In the Federal Information Processing Standards (FIPS) area, select the Use FIPS certified library for SSL connections check box.

5. Click Apply to save the changes on EFT Server.

6. Stop and then restart the EFT Server service. Review the Statistics area of EFT Server's General tab to verify that the service started.

   • If the HSM has expired when you attempt to start a Site on a Server that has FIPS mode enabled, an error message appears in the administration interface, and the Server sends an error message to the Event Log.

   • In Internet Explorer (IE) version 6, TLS mode must be enabled for SSL communications to work. (In Internet Explorer, click Tools > Internet Options. Click the Advanced tab. Scroll to the Security settings and select the Use TLS 1.0 check box. TLS is enabled by default starting in IE7.)

Refer to SSL for information about configuring SSL on the Site.