D.3. Enabling FIPS in RHVH

You can enable FIPS mode when installing a Red Hat Virtualization Host (RHVH). Red Hat does not support switching a provisioned RHVH machine to FIPS mode.

Note

RHVH ships as a single system image. If you select additional security profiles whose packages are not part of this system image, it may not be possible to install them. Please see the Red Hat Virtualization package manifest for a list of packages included with RHVH.

Procedure

  1. Download and begin installing a Red Hat Virtualization Host (RHVH).
  2. When the installer displays Installation Summary, click Security Policy.
  3. Click the VPP - Protection Profile for Virtualization 1.0 for Red Hat Virtualization Host (RHVH) profile.
  4. Click Select profile, set Apply security policy to On, and click Done.
  5. On the Installation Summary screen, verify that the status of Security Policy is Everything okay and complete the installation process.

Verification

Verify that FIPS is enabled by entering the command fips-mode-setup --check on the host. The command should return FIPS mode is enabled:

# fips-mode-setup --check
FIPS mode is enabled.