Use FIPS compliant algorithms for encryption, hashing and signing

Enable this policy to use FIPS 140-2 compliant cryptographic algorithms, including encryption, hashing and signing algorithms. This policy only takes effect on those OS platforms that Centrify has been FIPS 140-2 certified.
If this setting is enabled, Centrify DirectControl Agent uses only the FIPS 140-2 approved cryptographic algorithms: 3DES and AES for encryption, RSA or DSA public key cryptography, and only the Secure Hashing Algorithm (SHA1, SHA256, SHA384, and SHA512) for the hashing requirements over the wire.
This policy is disabled by default.
Note: The Federal Information Processing Standard (FIPS) 140 is a security implementation designed for certifying cryptographic software. FIPS 140 validated software is required by the U.S. Government and requested by other prominent institutions.
This policy modifies the fips.mode.enable setting in the Centrify DirectControl configuration file.

Supported on:

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\Fips
Value Namefips.mode.enable
Value TypeREG_SZ
Enabled Valuetrue
Disabled Valuefalse

Set banner path

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\Fips
Value Namefips.mode.enable
Value TypeREG_DWORD
Default Value/etc/issue

centrifydc_fips.admx

Administrative Templates (Computers)

Administrative Templates (Users)