FIPS Security

Configure > Security > FIPS

Important: After FIPS is enabled, you must re-install any hotfixes previously installed for the current version of Content Gateway.

When FIPS mode is enabled:

  • HTTPS connections use only TLSv1 or higher
  • HTTPS connections use FIPS 140-2 approved algorithms
  • Content Gateway generates SHA-256 certificates in response to origin server certificate requests
Warning: Once enabled, FIPS 140-2 mode cannot be disabled without reinstalling Content Gateway. If Content Gateway is on an appliance, the appliance must be reimaged.
Important: Due to a system limitation, FIPS 140-2 mode cannot be used with NTLM user authentication (IWA fallback to NTLM or Legacy NTLM).

For complete information, see FIPS 140-2 Mode.

Option Description
FIPS Enable/Disable radio buttons

By default, Content Gateway is installed in non-FIPS 140-2 mode.

To switch to FIPS 140-2 mode, select the Enabled radio button, click Apply, and restart Content Gateway.

Warning: Once enabled, FIPS 140-2 mode cannot be disabled without reinstalling Content Gateway. For appliance installations, reinstallation requires reimaging the system.