The version of OpenSSL that is shipped with vRealize Operations Manager 6.3 and later releases is FIPS 140-2 certified. However, the FIPS mode is not enabled by default.

You can enable the FIPS mode if there is a security compliance requirement to use FIPS certified cryptographic algorithms with the FIPS mode enabled.

1

To replace the mod_ssl.so file run the following command:

cd /usr/lib64/apache2-prefork/
cp mod_ssl.so mod_ssl.so.old
cp mod_ssl.so.FIPSON.openssl1.0.2 mod_ssl.so
2

Modify your Apache2 configuration by editing the /etc/apache2/ssl-global.conf file.

3

Search for the <IfModule mod_ssl.c> line and add the SSLFIPS on directive below it.

4

To reset the Apache configuration, run the service apache2 restart command.