Security preferences

Security preferences point to the location of the CA certificate keystore, client certificates, and private keys.

To access Security preferences in the Windows client, click Window > Preferences > Service Manager > Security.

Preference Description Default value
FIPS Mode

Enables FIPS mode in the Windows Client.

When FIPS mode is enabled on the server side (that is, fipsmode:2 is specified in the server's sm.ini file), you have the option to enable FIPS mode in the Windows Client. For more information, see Configuring FIPS mode in Service Manager.

Caution Do not enable this option when the Service Manager Server is using the fipsmode:1 legacy configuration in the server's sm.ini file.

Disabled
JCE provider name

Note This option is provided only for backward compatibility. Use it only when the Service Manager Server is using the fipsmode:1 legacy configuration in the server's sm.ini file.

Specify the name of a FIPS-certified third-party JCE provider you use for the Windows client.

Note This option becomes read-only when the FIPS Mode checkbox is selected.

JsafeJCE

JCE provider class name

Note This option is provided only for backward compatibility. Use it only when the Service Manager Server is using the fipsmode:1 legacy configuration in the server's sm.ini file.

Specify the class name of a FIPS-certified third-party JCE provider you use for the Windows client.

Note This option becomes read-only when the FIPS Mode checkbox is selected.

com.rsa.jsafe.Provider.JsafeJCE

Note This option is provided only for backward compatibility. Use it only when the Service Manager Server is using the fipsmode:1 legacy configuration in the server's sm.ini file.

CA certificates file Specify the path to a keystore of Certification Authorities (CA) used to certify the client and server certificates. Service Manager has an out–of–box example of this file in \<Web Tier>\WEB-INF\cacerts.
CA certificates password Specify the password to access the CA certificates file. None.
Client keystore file Specify the path to the keystore containing the client certificate and associated private keys. None. You must create this file.
Client keystore password Specify the password to access the client keystore. None.