Guardium STAP message "Not FIPS 140-2 compliant"

Troubleshooting

Problem

In the STAP event log in the GUI you see an entry like LOG_ERR: Not FIPS 140-2 compliant - use_tls=0 failover_tls=1.

Cause

FIPS 140-2 is a US government security standard for cryptographic modules. If you see this message it indicates that the STAP is configured in a way that does not meet the standard.
Note - This message does not indicate any error with the STAP

If you wish to enable FIPS compliance, the guard_tap.ini file must have:

use_tls=1

failover_tls=0

Any other combination will turn off FIPS mode and result in the message as above.

Environment

You will only see a FIPS message if FIPS mode is implemented on your STAP type. As of April 2013 and subject to future changes:

not

Resolving The Problem

You can change the configuration by one of the methods below:

A - In the GUI->Administration Console->STAP Control page.

B - Edit the guard_tap.ini file on the DB server directly and restart the STAP.

NOTE : If you do not want to use TLS in your environment it is safe to ignore the message.

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Database Activity Monitor","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"9.0;8.2;8.1;8.0.1;8.0","Edition":"All Editions","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Tips

Guardium STAP message "Not FIPS 140-2 compliant"

Troubleshooting

Problem

Cause

Environment

Resolving The Problem

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?