FAQ: SiteRemote Server and SiteCaster CMS with FIPS compliance checking enabled

Beschreibung

The SiteRemote Server is generally compatible with the FIPS compliance feature of Windows Server.
If you also want to use SiteCaster CMS you need to make the following changes to the server's .NET configuration, otherwise you will get an error page with the message “Server Error in '/Authentication' Application.” after logging into the SiteCaster CMS page.

1. Open the “machine.config” file at the folder “C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\” with an editor (e.g. Notepad).
2. At the end of the <configuration> section (right before the </configuration> tag), add the following lines (just copy & paste):

    <mscorlib>
        <cryptographySettings>
            <cryptoNameMapping>
                <cryptoClasses>
                    <cryptoClass SHA512="System.Security.Cryptography.SHA512Cng, System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                    <cryptoClass SHA384="System.Security.Cryptography.SHA384Cng, System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                    <cryptoClass SHA256="System.Security.Cryptography.SHA256Cng, System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                    <cryptoClass HMACSHA512="Security.Cryptography.HMACSHA512Cng, Security.Cryptography, Version=1.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
                    <cryptoClass HMACSHA384="Security.Cryptography.HMACSHA384Cng, Security.Cryptography, Version=1.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
                    <cryptoClass HMACSHA256="Security.Cryptography.HMACSHA256Cng, Security.Cryptography, Version=1.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
                    <cryptoClass SymmetricEncryption="System.Security.Cryptography.AesCryptoServiceProvider, System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
                </cryptoClasses>
                <nameEntry name="System.Security.Cryptography.SHA512" class="SHA512"/>
                <nameEntry name="System.Security.Cryptography.SHA384" class="SHA384"/>
                <nameEntry name="System.Security.Cryptography.SHA256" class="SHA256"/>
                <nameEntry name="System.Security.Cryptography.HMACSHA256" class="HMACSHA256"/>
                <nameEntry name="HMACSHA512" class="HMACSHA512"/>
                <nameEntry name="HMACSHA384" class="HMACSHA384"/>
                <nameEntry name="HMACSHA256" class="HMACSHA256"/>
                <nameEntry name="System.Security.Cryptography.SymmetricAlgorithm" class="SymmetricEncryption"/>
            </cryptoNameMapping>
        </cryptographySettings>
    </mscorlib>

3. Save the changed “machine.config file.


Note:
- These changes apply to all .NET applications on this Windows Server system.
- Usually the SiteCaster CMS login works immediately after saving the changed “machine.config” file. If not you may restart the web page in IIS Manager or even the complete server machine.

Antwort: (0)

Keine Antworten/Kommentare
Mein Konto
Anmelden
Sprache (Artikel):