Before You Begin
Before you can run the Logical Domains Manager in FIPS 140-2 mode, ensure that you are running at least version 3.2 of the Logical Domains Manager and that the primary domain runs at least the Oracle Solaris 11.2 OS.
This package should be installed by default when you install the Oracle Solaris 11.2 OS.
# pkg install openssl-fips-140
# pkg mediator openssl MEDIATOR VER. SRC. VERSION IMPL. SRC. IMPLEMENTATION openssl vendor local default
# pkg mediator -a openssl MEDIATOR VER. SRC. VERSION IMPL. SRC. IMPLEMENTATION openssl vendor vendor default openssl system system fips-140
Caution - The OpenSSL implementation to which you switch must exist in the system. If you switch to an implementation that is not in the system, the system might become unusable. |
# pkg set-mediator -I fips-140 openssl
# reboot
# pkg mediator openssl MEDIATOR VER. SRC. VERSION IMPL. SRC. IMPLEMENTATION openssl system local fips-140
# svccfg -s ldoms/ldmd setprop ldmd/fips1402_enabled = true
# svcadm refresh ldmd # svcadm restart ldmd