FIPS environments
If you are in an environment that mandates or requires
that your security components use Federal Information Processing Standards
(FIPS)-certified components/modules, consider the following. For secure
Telnet and FTP connections, Z and I Emulator for Web uses FIPS-compliant ciphers
by default. If your environment requires the connection to an IBM
System i host for file transfer or data transfer, ensure that your
system meets the following requirements:
- You are using a Java JRE that is FIPS certified.
- You need to configure the HTML parameter UseJSSEforiSeries on the Advanced Options window of the Deployment Wizard and set its value to true.
- You need to add the certificate from the IBM System i host to the Java Secure Socket Extension (JSSE) client trust store for the Java JRE. Refer to your Java JRE provider for configuration details.
Another way to enter the path and password is to use a Run Applet
that is provided with Z and I Emulator for Web. To do this, take the following
steps:
- From the menu of a display session, select Actions > Run Applet.
- Enter com.ibm.eNetwork.HOD.util.jsse.JSSESetup in the field for the class name.
- Click OK.
In earlier versions of Z and I Emulator for Web, you can enable FIPS mode authentication through an HTML parameter. The current version of Z and I Emulator for Web provides a menu option to enable or disable the FIPS mode for each session. By default, FIPS mode is enabled for all the sessions.