
APPSeCONNECT might warn you when FIPS is enabled on your system
FIPS or more precisely Federal Information Processing Standards are a set standards for document processing, encryption algorithms and other standards defined by National Institute of Standards and Technology which is needed to be used for non-military government agencies and government contractors and vendors who work with the agencies. Microsoft recommends to turn off this settings and even they don’t enable it by default.
Effect of FIPS on APPSeCONNECT
Even though FIPS does not have any direct effect on the sync operation, still APPSeCONNECT requires you to turn off the FIPS settings as we use secured hash algorithms for storing passwords which are not part of FIPS algorithm lists. You need to always turn off the FIPS settings, if you wish to login from the onpremise machine. The login is only required when you want to configure your on-premise agent for the first time after installation, to make sure the licenses are properly downloaded.
If FIPS is enabled in the system where you have installed your on-premise agent, an error will show up stating “FIPS is enabled in this machine, please disable it before login”.
This will disallow you to login in the agent, as you can see the Login button gets disabled even though the userid and password is wrong.
How to disable FIPS in Windows machine
- Go to Start -> Run.
- Type “gpedit.msc” without quotes.
- Open “Local Computer Policy” -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options.
- Find the policy called – “System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing as shown in the figure below.
- Open the settings and “Disable” it.
- Once this is done, relogin to agent again.
You should successfully login using your own login credentials.
Thank you.
Leave a reply