FIPS 140-2 compliance

FIPS 140-2 is a standard which certifies cryptographic modules used by applications.

CICS® Transaction Gateway can be configured to use FIPS 140-2 certified modules to maintain the confidentiality and integrity of the information protected by the modules.

To configure the CICS TG to use FIPS 140-2 certified modules:
  1. Locate the java.security file in the <java_dir>/lib/security directory.
  2. Locate the providers section in the file and add the following two lines at the top: 
    security.provider.1=com.ibm.fips.jsse.IBMJSSEFIPSProvider
security.provider.2=com.ibm.fips.crypto.fips.provider.IBMJCEFIPS
    Renumber the existing providers as required.
  3. Save the file and restart the CICS Transaction Gateway.