This section tells you how to copy required files and configure the FIPS-supported redirector plug-in for iPlanet or Sun Java System. It assumes you have already installed and configured the plug-in for non-FIPS use and updated this installation by following the instructions described in “Adding FIPS and TLS support to the Web server redirector plug-ins”.
Edit the magnus.conf file to load the FIPS-supported redirector module. The following lines illustrate a sample magnus.conf file that supports FIPS and TLS. The only difference from a non-FIPS sample is that the file libjeas_httpd40.sl is replaced with libjeas_httpd40_f140.sl; for example:
iPlanet:
Init fn="load-modules" shlib="WEB_SERVER_HOME/bin/https/lib/libjeas_httpd40.sl" funcs="conn_init,conn_service" Init fn="conn_init" configfile="/WEB_SERVER_HOME/https-neptune/config/conn_config"
Sun Java System:
Init fn="load-modules"shlib="WEB_SERVER_HOME/bin/https/libjeas_httpd40_f140.sl" funcs="conn_init,conn_service" Init fn="conn_init" configfile="/webserver/https-neptune/config/conn_config"
Copy the required libraries. When you initially installed the non-FIPS-supported Sun Java System or iPlanet Web server plug-ins, and used WEB_SERVER_HOME as the location of the Web server software, you copied the libraries listed in Table 4-4 from your $JAGUAR/lib directory to the appropriate subdirectory. To support FIPS, you must also copy the following files to the same directory:
libjctssecct_f140.sl
libdefaultsbg.sl
libjeas_httpd40_f140.sl
libjsbgpks_r.sl
libjsybcki_r.sl
libjsybckif140_r_r.sl
libsbgse2.sl
Verify that the Web redirector plug-in still works for your HTTP connections.
Enable FIPS for the redirector plug-in and establish HTTPS connections. See “Managing FIPS for the redirector plug-ins”
