TL;DR
To enable FIPS140-2, launch the wsadmin tool with -lang jython and issue the following command:
AdminTask.enableFips("[-enableFips true -fipsLevel FIPS140-2]")
or use Jacl:
$AdminTask enableFips {-enableFips true -fipsLevel transition }
Result:
fipsLevel values:
FIPS140-2 transition SP800-131
Details:
Or you can save even more time by scripting this. I wrote the following script to do the job for me (my actual script is longer as now it supports different fipsLevel values).
Example jython script:
import sys, java
def enableFIPS(fipsLevel):
AdminTask.enableFips("[-enableFips true -fipsLevel FIPS140-2)
AdminConfig.save()
def disableFIPS():
AdminTask.enableFips("[-enableFips false)
AdminConfig.save()
if sys.argv[0].lower()=="enable":
print 'Enabling the FIPS140-2'
enableFIPS("FIPS140-2")
elif sys.argv[0].lower()=="disable"
disableFIPS()
No comments:
Post a Comment