SSLFIPSMODE

The SSLFIPSMODE option specifies whether the Federal Information Processing Standards (FIPS) mode is in effect for Secure Sockets Layer (SSL). The default is NO.

Because SSLv3 is not supported by FIPS mode, when you are using SSL with Version 6.1 or V5.5 clients, you must turn off FIPS mode.

Syntax

Read syntax diagramSkip visual syntax diagram
   .-SSLFIPSMODE--=--No------.   
>>-+-------------------------+---------------------------------><
   '-SSLFIPSMODE--=--+-No--+-'   
                     '-Yes-'     

Parameters

No
Specifies that SSL FIPS mode is not active on the server. This setting is required when Backup-Archive Client versions previous to IBM® Tivoli® Storage Manager 6.3 are to connect to the server with SSL.
Yes
A value of YES indicates that SSL FIPS mode is active on the server. This setting restricts SSL session negotiation to use FIPS-approved cipher suites. Specifying YES is suggested when SSL communication is activated and all Backup-Archive Clients are at V6.3 or later.
Remember: Set server option SSLTLS12 to NO if your environment includes Backup-Archive Clients that use server self-signed certificates that were generated by a server whose version was before V6.3.
To disable SSL FIPS mode on the server:
SSLFIPSMODE no