To remove the OpenSSL cryptographic library from Tectia Server on Windows, first disable FIPS mode, if it has been enabled, using the Configuration GUI.
Note | |
---|---|
If both Tectia Client and Tectia Server are installed, ensure that user-specific Connection Broker configuration(s) have FIPS mode disabled and that the system wide Tectia FIPSMODE switch file is removed. The FIPSMODE file is automatically removed when FIPS mode is disabled from the Tectia Server Configuration GUI (for more information, see Cryptographic library and crypto-lib ). |
To modify Tectia Client and Server optional FIPS module in Windows environment, follow the instructions below:
From the Windows Start menu, open the Control Panel and click Programs and Features.
In the list of installed programs, select Tectia Server and click Change.
In the installer click Modify.
Select Tectia Server > FIPS optional module and change it to Entire feature will be unvailable.
Note | |
---|---|
If you have installed Tectia Client together with Tectia Server, change also Tectia Client > FIPS optional module to Entire feature will be unvailable. |
Click Next and Install to proceed with the Modify installation that will remove the Tectia FIPS support module(s).
OpenSSL files removed from Tectia Server on Windows, when FIPS support module is uninstalled:
Note that <INSTALLDIR>
indicates the default Tectia
installation directory on 64-bit Windows versions: C:\Program Files (x86)\SSH Communications Security\SSH Tectia
<INSTALLDIR>\SSH Tectia
AUX\Plugins\<
x
>.<y
>.<z
>.<b
>\sshcrypto1.dll
(<x>
, <y>
,
<z>
and <b>
indicate
the Tectia Server version and build numbers, for example
6.6.3.123
.)
<INSTALLDIR>\SSH Tectia AUX\fips\fips.dll
<INSTALLDIR>\SSH Tectia AUX\fips\openssl.cnf
<INSTALLDIR>\SSH Tectia AUX\Support binaries\libcrypto-3.dll
<INSTALLDIR>\SSH Tectia AUX\libcrypto-3.dll
<INSTALLDIR>\SSH Tectia Broker\libcrypto-3.dll
<INSTALLDIR>\SSH Tectia Client\libcrypto-3.dll
<INSTALLDIR>\SSH Tectia Server\libcrypto-3.dll