4 Replies Latest reply on Jul 12, 2012 8:47 AM by kylecompassion

    ePO 4.6 FIPS installation

      I recall reading there is a custom command line for the ePO 4.6 server install for enabling FIPS mode, but I am not able to find that info in any of the documentation.

      Does anyone know how to install epo 4.6 server with FIPS enabled?

        • 1. Re: ePO 4.6 FIPS installation

          After some digging, I found it:


          From command line "setup.exe ENABLEFIPSMODE=1"

          • 2. Re: ePO 4.6 FIPS installation

            Is there any way to tell which mode you are running in currently? Our McAfee admin left unexpectedly and we haven't been able to find any documentation of whether or not he installed in FIPS mode.

            • 3. Re: ePO 4.6 FIPS installation

              In the file system where the ePO files are located, fish out the DB\server.ini file.


              There is an entry like fipsmode=1


              It should be under Program Files\ePolicy Orchestrator\DB\server.ini...  


              Edited errors on 7/11/12 5:07:37 PM CDT
              • 4. Re: ePO 4.6 FIPS installation

                Thanks tahoekid! i saw your original edit and couldn't find anything in the registry so I emailed McAfee support. They gave me the info below. Figured i'd share it for anyone else who ends up in my shoes some day. Or ends up with the value of "2" and is confused by it




                The following additional inspection can be used to identify an ePO environment in FIPS mode.


                (a) Server.ini(<EPO install dir>\DB\) -


                FipsMode=0 - Server is not running in FIPS mode

                FipsMode=1 - Server is running in FIPS mode

                FipsMode=2 - Server is in transition mode due to being upgraded from a previous version. 


                (b) Database - EPOSchemaInfo table


                ePOFipsMode - Same values as server.ini FipsMode setting