Skip to main content
Element Software
12.5 and 12.7

Enable FIPS 140-2 for HTTPS on your cluster

Contributors netapp-pcarriga amgrissino

You can use the EnableFeature API method to enable the FIPS 140-2 operating mode for HTTPS communications.

With NetApp Element software, you can choose to enable Federal Information Processing Standards (FIPS) 140-2 operating mode on your cluster. Enabling this mode activates the NetApp Cryptographic Security Module (NCSM) and leverages FIPS 140-2 Level 1 certified encryption for all communication via HTTPS to the NetApp Element UI and API.

Important After you enable FIPS 140-2 mode, it cannot be disabled. When FIPS 140-2 mode is enabled, each node in the cluster reboots and runs through a self-test ensuring that the NCSM is correctly enabled and operating in the FIPS 140-2 certified mode. This causes an interruption to both management and storage connections on the cluster. You should plan carefully and only enable this mode if your environment needs the encryption mechanism it offers.

For more information, see the Element API information.

The following is an example of the API request to enable FIPS:

{
  "method": "EnableFeature",
    "params": {
        "feature" : "fips"
    },
    "id": 1
}

After this operating mode is enabled, all HTTPS communication uses the FIPS 140-2 approved ciphers.