As part of upgrading to SiteMinder 12.8, I'm prepping the environment to migrate to FIPS-140 mode. After running "setFIPSmigration", no problem changing the policy store key or super user password with smreg, but the step to re-encrypt the policy and key store passwords is a problem. The only way mentioned in the docs is to use the policy server management console (smconsole). But the firewall around our policy servers doesn't allow an x-window, so we never use smconsole. For the decades SM has been used, all updates to sm.registry are done via text editor.
Can anyone think of another way to re-encrypt the "AdminPW=" lines (for LDAP policy and key stores) in the registry??
My complicated but possible fallback is to install the policy server on a lab server set to FIPS-140 mode and copy paste the resulting passwords from the registry on the FIPS-140 lab server into my migrating servers. I'm looking for something less complicated.
Jim B.