Enable FIPS mode for the NetBackup Administration Console
By default, FIPS mode for the NetBackup Administration Console is disabled.
To enable FIPS mode for the NetBackup Administration Console (on local or remote host)
- Open the NetBackup Administration Console configuration file.
On Windows computers, the file containing configuration options for the NetBackup Administration Console is: install_path\java\nbj.conf
On UNIX computers, the file containing configuration options for the NetBackup Administration Console is: /usr/openv/java/nbj.conf
- In the configuration file, enable the NB_FIPS_MODE option. Use the following format:
NB_FIPS_MODE = true
- Save the changes.
- Restart the NetBackup Administration Console.
To verify if the NetBackup Administration Console runs in FIPS mode
- Check the NetBackup Administration Console logs.
Log location:
On Windows: install_path\logs\user_ops\nbjlogs\jbp.root.jnbSA.pid.log
On UNIX: /usr/openv/netbackup/logs/user_ops/nbjlogs/jbp.root.jnbSA. pid.log
On a standalone console, create a directory structure and check the logs.
If the log file contains the following log lines, it means the console runs in FIPS mode:
com.safelogic.cryptocomply.fips.approved_only: true
It should have the following log lines:
JavaPresentationLayer- FIPS mode enforced. Reconfiguring SunJSSE. JavaPresentationLayer- Administration console is running in FIPS approved mode
Note:
This FIPS mode configuration does not affect the NetBackup KMS FIPS mode. NetBackup KMS continues to run in FIPS mode by default.