23.1 Enabling Sentinel Server to Run in FIPS 140-2 Mode

To enable the Sentinel Server to run in FIPS 140-2 mode:

  1. Log in to the Sentinel server.

  2. Switch to the novell user (su novell).

  3. Browse to the Sentinel bin directory.

  4. Run the convert_to_fips.sh script and follow the on-screen instructions.

  5. (Conditional) If your environment uses multi-factor or strong authentication, you must run the create_mfa_fips_keys.sh script and follow the on-screen instructions.

    NOTE: While the script is running, it requires the password for the NSS database.

  6. (Conditional) If your environment uses multi-factor or strong authentication, you must provide the Sentinel client ID and Sentinel client secret. For more information about authentication methods, see Authentication Methods in the Sentinel Administrator Guide.

    To retrieve the Sentinel client ID and Sentinel client secret, go to the following URL:

    https://Hostname:port/SentinelAuthServices/oauth/clients

    Where:

    • Hostname is the host name of the Sentinel server.

    • Port is the port Sentinel uses (typically 8443).

    The specified URL uses your current Sentinel session to retrieve the Sentinel client ID and Sentinel client secret.

  7. Restart the Sentinel server.

  8. Complete the FIPS 140-2 mode configuration by following the tasks mentioned in Section 24.0, Operating Sentinel in FIPS 140-2 Mode.