How do I verify that System SSL is successfully enabled to support FIPS 140 mode?

Question & Answer

Question

As part of my implementation of FIPS 140 mode for AT-TLS, I need to enable System SSL for FIPS 140 mode. How can I verify that System SSL is enabled for FIPS 140 mode?

Answer

To verify that System SSL is enabled for FIPS 140 mode, verify that the following message is issued after you start the GSKSRVR task:

 GSK01057I SSL server starting in FIPS mode.

If System SSL is not enabled for FIPS 140 mode, the following message will be issued after you start the GSKSRVR task:

 GSK01054E  SSL server starting in non-FIPS mode. Status status-code

If the status-code indicated in message GSK01054E is zero, correct the environment variable GSK_FIPS_STATE so that it specifies the value 'GSK_FIPS_STATE_ON'.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Platform":[{"code":"PF035","label":"z\/OS"}],"Component":"","Version":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Product Synonym

ZOSCS COMMSERVER

Was this topic helpful?

Document Information

Modified date:
14 September 2016

UID

dwa1303423

Tips