Upon station startup, station output (visible in the host platform’s Application Director view) indicates FIPS status with one of the following messages:
FIPS providers successfully loaded.
This indicates the station has successfully started in FIPS mode.
MESSAGE [13:21:23 30-Oct-13 EDT][sys.registry] Loaded [669ms]
MESSAGE [13:21:59 30-Oct-13 EDT][sys] FIPS providers successfully loaded.
FIPS module is present but FIPS is not licensed.
This indicates that the FIPS providers were found, but the host platform is not licensed for FIPS. The station was not started in FIPS mode.
MESSAGE [13:21:23 30-Oct-13 EDT][sys.registry] Loaded [669ms]
MESSAGE [13:21:59 30-Oct-13 EDT][sys] FIPS module is present but FIPS is not licensed.
To fix this, update the host’s license to include the “fips104-2” feature.
FIPS is licensed but FIPS module is not present.
This indicates the host platform is licensed for FIPS, but the FIPS providers could not be found. The station was not started in FIPS mode.
MESSAGE [13:21:23 30-Oct-13 EDT][sys.registry] Loaded [669ms]
MESSAGE [13:21:59 30-Oct-13 EDT][sys] FIPS is licensed but FIPS module is not present.
To fix this, ensure that FIPS was correctly installed. See Installing the FIPS distribution.
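The three startup messages above can be checked automatically from captured station output. The following is an added example, not part of the original documentation or of Tridium's software. The function name, the status labels and the second restart in the sample are assumptions made for illustration.

```python
import re
from datetime import datetime

# Line layout as shown above: LEVEL [HH:MM:SS DD-Mon-YY TZ][logger] text
# The time zone abbreviation is matched but not interpreted.
LINE_RE = re.compile(
    r"^\w+ \[(\d{2}:\d{2}:\d{2} \d{2}-[A-Za-z]{3}-\d{2}) \w+\]\[([\w.]+)\] (.*)$")

# The three documented messages -> (hypothetical status label, FIPS mode active?)
FIPS_MESSAGES = {
    "FIPS providers successfully loaded.": ("fips-active", True),
    "FIPS module is present but FIPS is not licensed.": ("not-licensed", False),
    "FIPS is licensed but FIPS module is not present.": ("module-missing", False),
}

# Constructed sample: a failed start followed by a later successful restart.
SAMPLE = """\
MESSAGE [13:21:23 30-Oct-13 EDT][sys.registry] Loaded [669ms]
MESSAGE [13:21:59 30-Oct-13 EDT][sys] FIPS is licensed but FIPS module is not present.
MESSAGE [14:02:10 30-Oct-13 EDT][sys.registry] Loaded [702ms]
MESSAGE [14:02:41 30-Oct-13 EDT][sys] FIPS providers successfully loaded.
"""

def fips_status(station_output):
    """Return (status, active, timestamp) for the most recent startup.

    Output may span several restarts, so the last matching [sys] message wins.
    If none of the three messages appears, the status is "unknown" and the
    station must not be assumed to be running in FIPS mode.
    """
    result = ("unknown", False, None)
    for raw in station_output.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        stamp, logger, text = m.groups()
        if logger != "sys" or text not in FIPS_MESSAGES:
            continue
        status, active = FIPS_MESSAGES[text]
        when = datetime.strptime(stamp, "%H:%M:%S %d-%b-%y")
        result = (status, active, when)
    return result

if __name__ == "__main__":
    print(fips_status(SAMPLE))
```

Treating "unknown" as not in FIPS mode keeps the check fail-closed when the startup lines are missing from the captured output.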
Note that a station running in FIPS mode does not, for the most part, appear to run differently from a station not in FIPS mode. Although different FIPS-compliant cryptographic algorithms are used in a FIPS station, this should not result in behavioral changes. A few exceptions to this follow:
SSL version 3.0 is not permitted with FIPS, which requires a minimum of TLS version 1.0. In order to ensure FIPS compliance, the “Https Min Protocol” property of the station’s WebService is automatically set to TLSv1 and made read-only when a station is in FIPS mode. Similarly, the “Foxs Min Protocol” property in the station’s FoxService is also set to TLSv1 and is read-only.
The platform’s protocol in “Platform SSL Settings” is also set to TLSv1 and made read-only; see this via the Platform Administration view, “Change SSL Settings”. (Note that although FIPS mode is not claimed on platform connections, for the most part, only FIPS-compliant algorithms are used.)
Since FIPS does not permit SSL version 3.0, the list of allowed cipher suites has been reduced in FIPS mode to include only TLS version 1.0 cipher suites.
Any functionality relying on a non-FIPS compliant algorithm will no longer work in a station running in FIPS mode.
Copyright © 2000-2014 Tridium Inc. All rights reserved.