Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
|A single word||
||Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".|
You can specify that the search results contain a specific phrase.
Topics that contain the literal phrase "cat food" and all its grammatical variations.
Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.
Two or more words in the same topic
|Either word in a topic||
|Topics that do not contain a specific word or phrase||
|Topics that contain one string and do not contain another||
|A combination of search types||
- System Security
- Encryption of configuration file settings
- Encryption of operator passwords
- Encryption of client keystore passwords
- Inactivity timer
- Lockout feature
- System quiesce: Login restrictions
- Mandanten file security
- Multicompany mode
- Script utilities
- Security tables
- Secure Sockets Layer (SSL) encryption and server certificates
- TLS 1.2 Support and Configuration
- Trusted sign-on
- Common Access Card (CAC) sign-on
- FIPS mode
FIPS (Federal Information Processing Standards) are a set of standards that describe document processing, encryption algorithms and other information technology standards for use within U.S. non-military government agencies and by U.S. government contractors and vendors who work with the agencies.
FIPS 140-2, “Security Requirements for Cryptographic Modules,” was issued by the U.S. National Institute of Standards and Technology (NIST) in May, 2001. The standard specifies the security requirements for cryptographic modules utilized within a security system that protects sensitive or valuable data.
As of version 9.32, Service Manager is FIPS 140-2 compliant when running in FIPS mode. The following table describes two operation modes of the Service Manager server and clients.
(FIPS 140-2 compliant mode)
Supports FIPS 140-2 compliant cryptographic functions.
(Non-FIPS 140-2 compliant mode)
|Utilizes existing cryptography without the 3rd-party FIPS 140-2 validated cryptographic modules.|
To support FIPS mode, the Service Manager server and clients have introduced the following changes as of version 9.32.
Note If the FIPS mode is enabled, the encrypted fields cannot be retrieved via the legacy listener.
Out-of-the-box, the Service Manager server uses a 3rd-party FIPS 140-2 validated cryptographic module, OpenSSL FIPS Object Module. Additional changes are listed in the following table.
|AES encryption algorithm||
Service Manager provides the function to encrypt table fields. Prior to version 9.32, Service Manager uses the Data Encryption Standard (DES) encryption algorithm, which is not FIPS-compliant.
As of version 9.32, when running in FIPS mode, Service Manager uses the Advanced Encryption Standard (AES) encryption algorithm, which is FIPS 140-2 compliant. After enabling FIPS mode, you must upgrade your database's encryption algorithm from DES to AES by running the
|Additional support of 256-bit database encryption keys||
Prior to version 9.32, Service Manager only supports 64-bit database encryption keys.
As of version 9.32, Service Manager supports 64-bit keys in non-FIPS mode and 256-bit keys in FIPS mode.
This server parameter determines whether the server runs in FIPS or non-FIPS mode when set to 1 or 0:
Note In a horizontal scaling environment, you must set this parameter to the same value (either 1 or 0) on all server nodes.
|Additional OpenSSL libraries (Windows server)||
In addition to
Out-of-the-box, the Windows and web clients use a 3rd-party FIPS 140-2 validated cryptographic module, RSA BSAFE Crypto-J. To allow administrators to enable FIPS mode, the web and Windows clients have introduced the following parameters or security preference options.
|Windows ( Window > Preferences > HPE Service Manager > Security)||
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to ovdoc-ITSM@hp.com.
Help Topic ID: