000017479 - FIPS Support for RSA Authentication Manager 7.1 and 8.x Consoles

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000017479
Applies ToRSA Authentication Manager 7.1
RSA SecurID Appliance 3.0
RSA Authentication Manager 8.0
RSA Authentication Manager 8.1
IssueUsing FIPS compliant algorithms for encryption, hashing, and signing does not allow you to log into the Security Console or Operations Console.
Cannot access Security Console or Operations Console in Microsoft Internet Explorer
Resolution

Depending on your environment, you may be required to use FIPS compliance as required by the Domain Controller's Group Policy.


To check this locally on your Windows machine, go to Start -> Run -> Type "gpedit.msc" without the quotes and click "OK"


When the Local Group Policy Editor launches, find the tree in the left frame. Navigate to Local Computer Policy -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options


On the right frame, you'll see a list of policies. Scroll down to "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing". Right click this and choose properties. Change this value from Enabled to Disabled.


To have the changes made take effect, you must restart your application, such as Internet Explorer.

NotesFor more information about FIPS compliant algorithms, see Microsoft's KB article http://support.microsoft.com/kb/811833.
RSA has a Request For Enhancement (RFE) to support FIPS for it's management consoles, the tracking number is AM-23768.
Legacy Article IDa65745

Attachments

    Outcomes