We're migrating the FIPS mode from COMPAT to MIGRATE and we'd like to
know :
- Is there any impact in existing Policy/Key store ?
- What all things we need to consider prior changing the FIPS
compatibility mode in an existing working setup ?
- Do we need to perform belowre-encryptions?
Re-encrypt Policy Store Key
Re-encrypt Policy Store Administrator Password
Host re-registration for all web agents
Re-encrypt Policy and Key Store
Release : 12.8
Component : SITEMINDER -POLICY SERVER
At first glance, according to documentation, to move to MIGRATE mode,
you need to read carefully the following documentation page. You
indeed needs to encrypt again all sensitive data.
Re-Encrypt Existing Sensitive Data for FIPS Migration
Re-encrypt a Policy Store Key
Re-Encrypt the Policy Store Administrator Password
Re-encrypt the Super User Password
Set an Agent to FIPS-Migration Mode
Re-encrypt Client Shared Secrets
Re-encrypt Policy and Key Store Data
Verify that Password Blobs are Re-encrypted