The A2A Example.java source includes the following comment:
* FIPS mode is enabled by default between the client application and the client daemon.
* It can be disabled by either:
* 1. Adding the line '<enablefips>false</enablefips>' to $CSPM_CLIENT_HOME/cspmclient/config/cspm_client_config.xml
* 2. Specifying the daemon's port# and 'noFips' arguments to invoke the CSPMClient(port#, false) constructor
But performing step 1 and restarting the A2A client (removing the client cache) appears to break the client. The calls into the client fail with a 445 error, and the client log has errors, like:
INFO: Fri March 04 23:58:50.135 UTC 2022 KeyService::doLocalLogin. Local login not succeeded
Release : 3.4-4.0.2
Component : PRIVILEGED ACCESS MANAGEMENT
The <enablefips> option no longer is supported in current PAM releases. This functionality was removed several years ago, but it was missed to update the Java sample code accordingly.
Do not try to use this obsolete option. The references to <enablefips> are being removed from Example.java and should not be found in PAM A2A versions released after March 2022, starting with 4.1 and 4.0.3.