Problem:
We have enabled FIPS during our DocuWare installation. During this process, the setup is unable to contact the database. The following error message was found when investigating the DocuWare.Setup.Server.Log log file;
"This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."
We have enabled FIPS during our DocuWare installation. During this process, the setup is unable to contact the database. The following error message was found when investigating the DocuWare.Setup.Server.Log log file;
"This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."
Additionally, "System cryptography: Use FIPS" was also enabled in our Local Group Policy.
Solution:
By product design, DocuWare does not support FIPS. Please refer to the information below on how to disable FIPS for DocuWare services.
1. To disable FIPS, we must alter various config files by implementing the following option between the runtime tags within these files.
<runtime>
<enforceFIPSPolicy enabled="false"/>
</runtime>
2. Now that we know how these files must be altered, add this option in the following files:
Note: Please make a copy of each file that you modify for backup purposes.
- DWAuthenticationServer.exe.config file located by default at C:\Program Files (x86)\DocuWare\Authentication Server
- All Background Process Service config files if the <runtime> tag persists (Default location: C:\Program Files\DocuWare\Background Process Service).
- Under \Windows\Microsoft.NET\Framework\v4.0.30319, the files machine.config and aspnet.config should be edited.
- Under \Windows\Microsoft.NET\Framework64\v4.0.30319, the files machine.config and aspnet.config should be edited.
3. Once this is complete, please perform an IIS Reset.
KBA is applicable for On-premise Organizations ONLY.