Disabling FIPS

Last Updated : Jun 05, 2026 |

About this task

Use this procedure to disable FIPS 140–2 mode.

Note:

Avaya Hardware and Avaya OVA customers: Follow steps 1 & 2 to disable FIPS at the OS level. Proceed to Step 3 to reconfigure the EPM software.

Software-only customers: Follow the procedure provided in the Red Hat customer portal for disabling FIPS mode at the OS level. For details, see How can I make RHEL 6/7/8 FIPS 140-2 compliant?. Proceed to Step 3 to reconfigure the EPM software.

Procedure

  1. Run the following command from a local Linux console as root:

    fips-mode-setup --disable

    Reboot the system after you execute the command.

  2. Re-login and run the following commands to verify if FIPS is inactive:

    cat /proc/sys/crypto/fips_enabled

    sysctl crypto.fips_enabled

    If the output for both of the commands is 0, FIPS is disabled.

    cat /proc/sys/crypto/fips_enabled
 see: "0"

sysctl crypto.fips_enabled 
 see "crypto.fips_enabled = 0"
  3. After disabling FIPS at OS level, run the following script to return the primary or auxiliary EPM to its pre-FIPS configuration:

    $AVAYA_HOME/Support/Security-Tools/AAEP_FIPS_remove.sh

    EPM returns to its pre-FIPS configuration after the system reboots.

    Note:

    All customers (Software-only, Hardware, and OVA) can run this script, after disabling FIPS at the OS level, to reconfigure the EPM software.