FIPS compliance error

The managed Oracle data provider uses a non-compliant MD5 provider. If you enable FIPS in the Registry, an exception is thrown when Oracle users attempt to log into Optiva. The exception warns users that there is a FIPS Compliance error.

The workaround is to disable FIPS globally in the Registry. By default, FIPS is disabled. There are two workarounds.

  1. Edit the Registry.
    1. Open the Registry editor.
    2. Locate the key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
    3. Change the Enabled value to 0 instead of 1.
    4. Restart the machine.
  2. Open the machine.config file. This file can be found in c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config.
    1. Replace the self-closing runtime element with this syntax: 
      
    <runtime>
       <enforceFIPSPolicy enabled="false"/>
    </runtime>
    2. Run iisreset.exe. The change to the machine.config file affects all (64-bit) .NET 4.0+ applications, not only the ASP.NET applications.