Configuring OpenSSL FIPS 140-2 Mode
When FIPS 140-2 mode is enabled, the OpenSSL library is initialized into FIPS 140-2 mode at system startup. Note that this is the default behavior of MarkLogic Server. If FIPS mode is enabled or disabled on a running system, the OpenSSL library is reconfigured appropriately without requiring a server restart. When the FIPS mode setting changes and secure XDQP is configured, all XDQP connections are dropped and reestablished.
To configure a cluster to run in FIPS 140-2 mode, follow these steps:
Log into the Admin Interface.
Click the Clusters icon on the left tree menu.
Select the local cluster.
Click the Configure tab to open the Edit Local Cluster Configuration page:
To configure FIPS 140-2 mode, select
true
orfalse
as needed. For SSL FIPS Enabled, selecttrue
.Click OK to save the changes.