Federal Information Processing Standard
(FIPS) 140-2 specifies required levels of encryption for Transport
Layer Security/Secure Sockets Layer (TLS/SSL). This standard ensures
high protection of data as it is sent over the wire.
About this task
When you are using WebSphere® eXtreme Scale integrated
with WebSphere Application Server, the catalog
servers and container servers inherit the security properties from
the application server. When a catalog server runs in WebSphere Application Server, some of the communication
is controlled by the server.properties file.
Update the server.properties file to contain
the same properties that are required for stand-alone catalog servers.
Procedure
- Configure WebSphere Application Server for
FIPs. See Configuring FIPS JSSE files.
- Edit the Secure Sockets Layer (SSL) configuration in
the server properties files for the catalog server and container servers
to use the TLSv1 protocol. You also need to configure any clients
accessing the catalog and container servers to use the TLSv1 protocol.
These files must contain the following properties and values:
contextProvider=IBMJSSE2
transportType=SSL-Required
protocol=TLSv1
For more information about
the
server.properties file, see
Server properties file.
- Specify the following Java virtual machine (JVM) arguments
so that the catalog server points to the correct security files in WebSphere Application Server. -Dobjectgrid.server.props=C:/temp/17877/catServer2NISTsORB.props
- Restart your catalog and container servers.