Modifying keystore entries for FIPS

Enabling or disabling FIPS in SSMC requires making modifications to the keystore created for the CA-signed server certificate. When you create the server certificate before enabling FIPS, the required keystore changes are made automatically to the certificates when you enable FIPS.

However, if you are installing web server certificate for SSMC after enabling FIPS, then manual changes are required to normalize the keystore type that complies with the FIPS 140-2 requirements.