Environment
Novell ZENworks 10 Configuration Management with Support Pack 3 -
10.3 Content
Situation
Enabling the FIPS compliant security setting either in the Local
Security Policy or as part of Group Policy on a device causes the
ZCM agent to fail when accessing HTTPS servlets on the
server. For example, when downloading content from a
server.
Resolution
Working as Designed. Enhancement Request has been made.
Status
Reported to EngineeringAdditional Information
The Zen Agent's .NET classes currently in used by ZCM 10.x agent
uses non-fips-140-compliant encryption classes to download content
to managed devices. FIPS-140 requires .NET 3.5 APIs which is being
reviewed as a possibility for ZCM 11.
More information on FIPS-140 can be found at http://support.microsoft.com/kb/811833
If the FIPS policy shows "Disabled" yet the following regkey exists, see KB 7016055 "Getting FIPS Error in Bundle with FIPS Disabled" for resolution.
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa]
"fipsalgorithmpolicy"=dword:00000001