AEM forms provides
a FIPS mode to restrict data protection to Federal Information Processing
Standard (FIPS) 140-2 approved algorithms using the RSA BSAFE Crypto-C
2.1 encryption module.
If you did not enable this option by using Configuration Manager
during AEM forms configuration or if you enable it but want to turn
it off, you can change this setting through administration console.
Modifying FIPS mode requires you to restart the server.
FIPS mode does not support Acrobat versions earlier than 7.0.
If FIPS mode is enabled and the Encrypt With Password and Remove
Password processes include the Acrobat 5 setting, the process fails.
In general, when FIPS is enabled, the Assembler service does
not apply password encryption to any document. If this is attempted,
a
FIPSModeException
is thrown, indicating that
“Password encryption is not permitted in FIPS mode.” Additionally,
the
PDFsFromBookmarks
element is not supported
in FIPS mode when the base document is password-encrypted.
-
Log in to administration console.
-
Click
Settings
>
Core System Settings
>
Configurations
.
-
Select
Enable FIPS
to enable FIPS mode or deselect
it to disable FIPS mode.
-
Click
OK
and restart the application server.
Note:
AEM forms software does not validate code to ensure
FIPS compatibility. It provides a FIPS operation mode so that FIPS-approved
algorithms are used for cryptographic services from the FIPS-approved
libraries (RSA).