Most Popular Posts

29/08/2016

FIPS Compliance-Part III. enableFips using wsadmin and jython jacl

TL;DR

To enable FIPS140-2, launch the wsadmin tool with -lang jython and issue the following command:

AdminTask.enableFips("[-enableFips true -fipsLevel FIPS140-2]")

or use Jacl:


$AdminTask enableFips {-enableFips true -fipsLevel transition }

Result:

wsadmin-lang-jython fipsenable fips140-2

fipsLevel values:

FIPS140-2

transition

SP800-131

Details:

Or you can save even more time by scripting this. I wrote the following script to do the job for me (my actual script is longer as now it supports different fipsLevel values).

Example jython script:

import sys, java
def enableFIPS(fipsLevel):
  AdminTask.enableFips("[-enableFips true -fipsLevel FIPS140-2)
  AdminConfig.save()
def disableFIPS():
  AdminTask.enableFips("[-enableFips false)
  AdminConfig.save()
if sys.argv[0].lower()=="enable":
  print 'Enabling the FIPS140-2'
  enableFIPS("FIPS140-2")
elif sys.argv[0].lower()=="disable"
  disableFIPS()







No comments:

Post a Comment