The SSLFIPSMODE option specifies whether
the Federal Information Processing Standards (FIPS) mode is in effect
for Secure Sockets Layer (SSL). The default is NO.
Because SSLv3 is not supported by FIPS mode, when you are using
SSL with Version 6.1 or V5.5 clients, you must turn off FIPS mode.
Syntax
.-SSLFIPSMODE--=--No------.
>>-+-------------------------+---------------------------------><
'-SSLFIPSMODE--=--+-No--+-'
'-Yes-'
Parameters
- No
- Specifies that SSL FIPS mode is not active on the server. This
setting is required when Backup-Archive Client versions previous to IBM® Tivoli® Storage Manager 6.3
are to connect to the server with SSL.
- Yes
- A value of YES indicates that SSL FIPS mode is active on the server.
This setting restricts SSL session negotiation to use FIPS-approved
cipher suites. Specifying YES is suggested when SSL communication
is activated and all Backup-Archive Clients are at V6.3 or later.
Remember: Set server option SSLTLS12 to
NO if your environment includes Backup-Archive Clients that use server
self-signed certificates that were generated by a server whose version
was before V6.3.
To disable SSL FIPS mode on the server:
SSLFIPSMODE no