Configuring PingCentral to run in FIPS-compliant mode

Running PingCentral in FIPS-compliant mode guarantees that all cryptographic algorithms and protocols meet the U.S. federal standard for security compliance. When you’re connecting PingCentral to an external database, you must use a FIPS-compliant authentication method.

PingCentral is currently running FIPS 140-3. Learn more about this version in FIPS 140-3.

To enable this option, access the <PingCentral_install>/conf/application.properties file and set the pingcentral.fips.enabled property value to true.

If on Linux systems, the Bouncy Castle FIPS-approved secure random number generator might drain a large amount of entropy during initial seeding. If available entropy becomes too low, the PingCentral server or bundled command-line tools could stall on startup for an extended period of time. If this occurs, then you will likely need to integrate with a hardware random number generator or install an entropy-supplementing daemon like rngd.