FIPS-140 Standard

The PKCS #11 APIs enable communication with software or hardware modules that perform cryptographic operations. Once PKCS #11 is installed on your Proxy Server, you can configure the server to be FIPS-140 compliant. FIPS stands for Federal Information Processing Standards. These libraries are included only in SSL 3.0.

To Enable FIPS-140

1. Install the plug-in following the FIPS-140 instructions.

2. Access either the Administration Server or the Server Manager and click the Preferences tab.

3. Click the Edit Listen Sockets link.

   For a secure listen socket, the Edit Listen Sockets page displays the available security settings.

   To work with FIPS-140, ensure that security is enabled on the selected listen socket. For more information, see Enabling Security for Listen Sockets.

4. Select Enabled from the SSL Version 3 drop-down list, if not already selected.

5. Select the appropriate FIPS-140 cipher suite and click OK:

   • Enable Triple DES with 168–bit encryption and SHA authentication (FIPS)

     • Enable DES with 56–bit encryption and SHA authentication (FIPS)