Federal Information Processing Standards (FIPS) Compliance

The Machine Agent >= 22.3.0 is FIPS 140-2 compliant.

To use the FIPS-compliant BCFKS truststore for the Machine Agent:

  1. Provide the following JVM arguments:
    1. -Djavax.net.ssl.trustStore=<absolute_path_to_BCFKS_truststore>
    2. -Djavax.net.ssl.trustStoreType=BCFKS
    3. -Djavax.net.ssl.trustStorePassword=<password_for_truststore>
  2. Add the following security provider class in the java.security file for the JRE used by the Machine Agent:
    1. security.provider.<desired preference order>=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider
    2. Replace <desired preference order> with your desired preference order.