Update to java.security File When Enabling or Disabling FIPS Mode

When enabling or disabling FIPS mode, the fips script updates the following file:java-home/jre/lib/security/java.security

The following line in this file is changed:

ssl.KeyManagerFactory.algorithm=SunX509

ssl.KeyManagerFactory.algorithm=IbmX509

gets changed to

ssl.KeyManagerFactory.algorithm=PKIX

Note: Because the fips script updates the java.security file, it is important that MFT is the only application that uses this Java installation. If necessary, we suggest installing a Java version that only MFT uses.

Prior to enabling or disabling FIPS, the script checks if it has access to this file. If it does, the script continues. If it does not have access to this file, the script terminates with the following message:

You do not have access to C:\Program Files\Java\jdk1.8.0_172\jre\lib\security

Contents

Index

Search Results

Update to java.security File When Enabling or Disabling FIPS Mode