Storage zones controller

Enable FIPS 140-2 mode with storage zones controller configuration

Before applying the following configuration for ShareFile, validate that the FIPS mode is enabled on Windows Server. To do so:

  1. Launch the registry editor (regedit).
  2. Browse to the path: HKEY_LOCAL_MACHINE\SOFTWARE\PowerShell\Server\16
  3. Check for the registry value UseFIPSCompliantAPI.
  4. If the value data (DWORD) is 1, FIPS compliant mode is enabled.

If FIPS compliant mode is not enabled, use the following to enable FIPS compliant mode:

  1. Log on to Windows as a Windows system administrator.
  2. Click Start, click Control Panel, and then click Administrative Tools.


    You might have to switch to large icons for the next step.

  3. Click Local Security Policy. The Local Security Settings window appears.
  4. In the navigation pane, click Local Policies and then click Security Options.
  5. In the pane on the right, double-click System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.


    Enabling the preceding setting might affect all applications on the machine.

  6. In the dialog box that appears, click Enabled, click Apply, and then click OK.
  7. Close the Local Security Settings window.

For more information, see this Microsoft Support article.

By default, storage zones controller can use cryptography modules that are not compliant with FIPS 140-2 standard. After installing storage zones controller and before running ConfigService: Customers must add the following code example to turn on FIPS 140-2 compliance in their controller.


<add key="fipsOnly" value="1" />


Add the preceding code sample as a child of the <configuration> element at the end of the following file:


Next, reset IIS and restart all ShareFile services. Alternatively, restart your machine.


Information Resource Management (IRM) is not supported.

Enable FIPS 140-2 mode with storage zones controller configuration