Skip to main content

Enabling FIPS

Starting at Version 3.5.0, CxIAST supporting the Federal Information Processing Standards (FIPS). To enable FIPS in Windows, do the following:

1. Open Local Security Policy using secpol.msc.

2. On the left pane, navigate to Security Settings > Local Policies > Security Options.

3. Navigate to the property of System Cryptography: Use FIPS Compliant algorithms for encryption, hashing, and signing.

4. Double-click to open the property, select Enabled and then click OK.

Enabling Tomcat in FIPS Mode

1. Stop the Tomcat service.

2. Verify that Microsoft Visual C++ 2015 Redistributable (x64) is installed.

3. Download the compiled tcnativ~1.dll file to a folder of your choice from

4. Copy the compiled tcnativ~1.dll to your Tomcat folder.

  • If you use the Tomcat server provided with your IAST installation, copy tcnativ~1.dll to the tomcat\lib folder.

  • If you use your own Tomcat server, copy tcnativ~1.dll to the tomcat\bin folder.

5. Navigate to tomcat\conf\server.xml and edit the following tags:

a. Enable the FIPS Mode for the APR listener:


b. Configure the HTTPS connector to use the Native (OpenSSL) implementation of the SSL/TLS protocol:


6. Restart the Tomcat service