FIPS mode is an install wide setting. After enabling FIPS mode you must:
  1. Restart databases.
  2. Restart the stopped instance of OpenEdge DataServer for Microsoft SQL Server, if present.
  3. Register PAS for OpenEdge instances.

    Syntax:

    pasman register alias-name instance-path

    Example:

    pasman register oepas1 "C:\Openedge\WRK\oepas1"

    Response:

    info: CATALINA_BASE set to c:\OpenEdge\WRK\oepas1
0
    Note: To ensure that session IDs, when generated during basic authentication, use FIPS‑approved algorithms, uncomment the Valve section with secureRandomProvider and secureRandomAlgorithm in the <webapps>/<appname>/META-INF/context.xml file.
  4. Regenerate existing PAS for OpenEdge domain keystores using gendomreg to use FIPS mode modules.

    For more information, see OpenEdge security domain configuration tasks.

  5. Restart PAS for OpenEdge instances.

    Syntax:

    pasman start -I alias-name

    Example:

    pasman start -I oepas1

    Response:

    PAS started with process IDs: 4288
  6. Check in logs for any errors (PAS agent logs, client logs, database log).
  7. Ensure application uses only NIST-approved algorithms.
  8. Validate encryption policies and keystore configuration.