FIPS error during Client Update

Symptom

On a client computer, using the LS Client Update service, the following FIPS error is generated during the download of the update package from the application server:
 

“An error occurred while downloading the file from the LS Client Update server: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.  When the download is resumed, it will start where it left off.  Do you want to retry now?”

Resolution

  1. Disable “Local Security Setting System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing”.

    1. From Administrative Tools, select  Local Security Policy > Local Policies > Security Options.
    2. Scroll to the “System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing" policy.
    3. Right-click on it, select Properties, and then select Disabled.
  2. Open RegEdit.

    1. Browse to the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\fipsalgorithmpolicy.
    2. Make note of the current value as it will need to be restored after the update is complete.
    3. Set the subkey to 0.
  3. After the client update is completed, revert the above settings back to their previous values.

Applies To

OnGuard (All versions)

Additional Information

None