The vCenter VAMI service must enable FIPS mode.

An XCCDF Rule

Details
Profiles

Description

Encryption is only as good as the encryption modules used. Unapproved cryptographic module algorithms cannot be verified and cannot be relied on to provide confidentiality or integrity, and DOD data may be compromised due to weak algorithms. FIPS 140-2 is the current standard for validating cryptographic modules. Satisfies: SRG-APP-000179-WSR-000111, SRG-APP-000014-WSR-000006, SRG-APP-000416-WSR-000118, SRG-APP-000439-WSR-000188

ID: SV-259148r935348_rule
Version: VCLD-80-000042
Severity: High
References: CCI-000068 CCI-000803 CCI-002418 CCI-002450
Updated: about 2 months ago

Remediation Templates

Navigate to and open:

/opt/vmware/etc/lighttpd/lighttpd.conf  

Add or reconfigure the following value:
server.fips-mode = "enable"

Restart the service with the following command:

# vmon-cli --restart applmgmt

The vCenter VAMI service must enable FIPS mode.

Description

Remediation Templates

A Manual Procedure