Executing the fips Scripts

The fips scripts use the parameters defined in the MFT-Install/server/conf/server.xml and the MFT-Install/server/webapps/cfcc/WEB-INF/web.xml to review your system for FIPS compatibility and to enable or disable FIPS mode.

You can execute the fips script on a different MFT Server installation. For example, you can run a fips test on V8.0.2 or V8.1.0 to check the compatibility with FIPS. If you want to execute the script on an existing MFT Server installation, follow this procedure.

Prerequisites

You must install MFT 8.2.0 or higher prior to executing the fips script.

Procedure

  1. Copy the file fips.sh or fips.bat to the installed system depending on whether the system is UNIX or Windows.
  2. Edit file fips.sh or fips.bat. For example, fips.bat on Windows.
  3. Make either of the following changes based on your requirement.
    • On Windows: In fips.bat change the following line (at around line 7) from set MFT_HOME="%CD%" to set MFT_HOME=c:\YourMFTInstallDirectory.
    • On UNIX: In fips.sh change the following line (at around line 19) from MFT_HOME=$PWD to MFT_HOME=/opt/YourMFTInstallDirectory.
    Important: YourMFTinstallDirectory must point to the MFT 8.2.0 installation directory where the fips script is copied from. The script uses this directory to setup the java classpath.
  4. Execute the fips script. For example:
    • On Windows: fips test or fips enable or fips disable
    • on UNIX: ./fips.sh test or ./fips.sh enable or ./fips.sh disable