vCenter: vcenter-8.fips-enable

Information

The vCenter Server must enable FIPS-validated cryptography. Enabling FIPS mode makes a number of changes to the system to remove weaker ciphers. Enabling it will cause vCenter Server to reboot.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

$spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true
Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec
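
Because Nessus does not perform this check and the change reboots vCenter Server, it helps to read the current setting first and apply the fix only when it is needed. The script below is an added example, not part of the benchmark text. It assumes a PowerCLI release that includes the vSphere SDK cmdlets; the server name is a placeholder, and Invoke-GetSystemGlobalFips (with an Enabled property on its result) is the getter assumed to pair with the setter shown above.

```powershell
# Added example: audit the global FIPS setting, optionally remediate.
# Assumptions: PowerCLI with the vSphere SDK cmdlets is installed;
# 'vcenter.example.internal' is a placeholder server name.
param(
    [string]$Server = 'vcenter.example.internal',  # placeholder
    [switch]$Remediate                             # change state only when asked
)

$ErrorActionPreference = 'Stop'
Connect-VIServer -Server $Server | Out-Null

try {
    # Read the current setting (getter assumed to pair with Invoke-SetSystemGlobalFips).
    $fips = Invoke-GetSystemGlobalFips

    if ($fips.Enabled) {
        Write-Output "COMPLIANT: FIPS-validated cryptography is enabled on $Server"
        return
    }

    Write-Warning "NON-COMPLIANT: FIPS-validated cryptography is disabled on $Server"

    if ($Remediate) {
        # vCenter Server reboots after this call; schedule it in a maintenance window.
        $spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true
        Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec
        Write-Output "FIPS enable requested on $Server; re-run without -Remediate after the reboot to confirm."
    }
}
finally {
    # The session may already be gone if the reboot has started, so ignore errors here.
    Disconnect-VIServer -Server $Server -Confirm:$false -ErrorAction SilentlyContinue
}
```

Run it without -Remediate to record the compliance state, and with -Remediate only when a vCenter Server reboot is acceptable.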

See Also

https://github.com/vmware/vcf-security-and-compliance-guidelines/raw/refs/heads/main/security-configuration-hardening-guide/vsphere/8.0/