Enabling FIPS mode

Last Updated : Jun 08, 2026 |

About this task

FIPS is a cryptographic security standard. Use this procedure if your enterprise requires FIPS-compliant cryptographic algorithms only.

FIPS mode is enabled at the operating system level before starting the Avaya Aura® Device Services installation. If FIPS is enabled in the operating system, then Avaya Aura® Device Services will be installed in FIPS mode. Otherwise, Avaya Aura® Device Services will be installed in non-FIPS mode. FIPS installation is only supported for new installations. You cannot upgrade a non-FIPS system to a FIPS system. If you want to enable FIPS on a non-FIPS system or disable FIPS on a FIPS system, you must uninstall the Avaya Aura® Device Services application first, change FIPS mode, and then install Avaya Aura® Device Services.

Important:

The following features are unavailable in FIPS mode:

  • OAuth / SAML authorization

  • Onboard Open LDAP

Note:

  • If FIPS mode is enabled, you must use the Secure LDAP (LDAPS) protocol to configure LDAP.

  • In cluster deployments, if FIPS mode is enabled, SSL encryption for internode communication between the database servers on the Avaya Aura® Device Services nodes is enabled by default.

Before you begin

If you deploy Avaya Aura® Device Services in Avaya Aura® environment, ensure that FIPS mode is enabled on both System Manager and Session Manager.

  • For more information about enabling FIPS on System Manager, see the Security chapter in Administering Avaya Aura® System Manager.

  • For more information about enabling FIPS on Session Manager, see the Security chapter in Administering Avaya Aura® Session Manager.

Procedure

  1. Log in to the virtual machine with the deployed Avaya Aura® Device Services OVA as an administrator.
  2. Run the following command to enable FIPS mode: 
    sys secconfig --fips --enable
  3. Optional To review the FIPS status, run the following command: 
    sys secconfig --fips --query