The A2A Example.java source includes the following comment:
* Notes:
* FIPS mode is enabled by default between the client application and the client daemon.
* It can be disabled by either:
* 1. Adding the line '<enablefips>false</enablefips>' to $CSPM_CLIENT_HOME/cspmclient/config/cspm_client_config.xml
* 2. Specifying the daemon's port# and 'noFips' arguments to invoke the CSPMClient(port#, false) constructor
But performing step 1 and restarting the A2A client (removing the client cache) appears to break the client. The calls into the client fail with a 445 error, and the client log has errors, like:
INFO: Fri March 04 23:58:50.135 UTC 2022 KeyService::doLocalLogin. Local login not succeeded
The <enablefips> option no longer is supported in current PAM releases. This functionality was removed several years ago, but it was missed to update the Java sample code accordingly.
Release : 3.4-4.0.2
Component : PRIVILEGED ACCESS MANAGEMENT
Do not try to use this obsolete option. The references to <enablefips> are being removed from Example.java and should not be found in PAM A2A versions released after March 2022, starting with 4.1 and 4.0.3.