10.2.2. Enabling FIPS Mode for Applications Using NSS
The procedure for enabling FIPS mode on Red Hat Enterprise Linux systems described in Section 10.2.1, “Enabling FIPS Mode” does not affect the FIPS state of Network Security Services (NSS), and thus does not affect applications using NSS. When required, the user can switch any NSS application to FIPS mode using the following command:
Replace dir with the directory specifying the NSS database used by the application. If more than one NSS application uses this database, all these applications will be switched into FIPS mode. The applications have to be restarted for the NSS FIPS mode to take effect.
Provided that the nss-sysinit package is installed, and the application whose NSS database you need to locate opens the
/etc/pki/nssdbfile, the path to the user NSS database is
To enable FIPS mode for the Firefox web browser and the Thunderbird email client, go to Edit → Preferences → Advanced → Certificates → Security Devices → Enable FIPS.