EEM Fails To Start with FIPS On and Private Key with Password
search cancel

EEM Fails To Start with FIPS On and Private Key with Password

book

Article ID: 237120

calendar_today

Updated On:

Products

CA Process Automation Base

Issue/Introduction

While implementing our EEM server to use custom/signed certificates (following instructions similar to what's here: Apply own p12 certificate in place of the default CA Embedded Entitlements Manager (EEM) certificate), the EEM Server fails to start when separating the private/public key and using a password protected private key. 

 

 

Environment

Release : ITPAM 4.3, EEM 12.6

 

Resolution

This happens is because "PBE algorithms are not allowed in FIPS mode". Based on this you need to make a choice of:

  • Use FIPS ON mode without a private key that is not password protected; or
  • Use FIPS OFF mode with a private key that is password protected.