Offline Installation of Session Monitor with the FIPS Mode Enabled

This section contains instructions to perform offline installation of Session Monitor with the FIPS mode enabled.

Before enabling the FIPS mode, ensure that you read the section Known Limitations and Caveats

The following libraries are the minimum versions required for FIPS, which are downloaded as part of the Session Monitor zip file.

Oracle Linux 8 Repository - BaseOS Latest
openssl-1.1.1k-12.el8_9.x86_64.rpm - https://yum.oracle.com/repo/OracleLinux/OL8/baseos/latest/x86_64/getPackage/openssl-1.1.1k-12.el8_9.x86_64.rpm.
Oracle Linux 8 Repository - Security Validation (Update 4)
- gnutls-3.6.16-8.el8_9.3_fips.x86_64.rpm - https://yum.oracle.com/repo/OracleLinux/OL8/4/security/validation/x86_64/getPackage/gnutls-3.6.16-8.el8_9.3_fips.x86_64.rpm
- libgcrypt-1.8.5-7.el8_6_fips.x86_64.rpm - https://yum.oracle.com/repo/OracleLinux/OL8/4/security/validation/x86_64/getPackage/libgcrypt-1.8.5-7.el8_6_fips.x86_64.rpm
  
  Note:
  The minimum version required for the openssl package is openssl-1.1.1k-12.el8_9.x86_64.rpm or higher.

Login to the Session Monitor server installed with Oracle Linux 8.10 as a root user or root privileged user.
Install the Session Monitor in an Offline Mode using the zip bundle.

Note:
For more information, see the Installation Guide.
Once the Session Monitor is installed, navigate to the /tmp/ocsm directory where the RPM files and scripts have been downloaded for offline installation and ensure the FIPS scripts have executable permissions. If not, use the following command to set the execute permission:
```
chmod +x ./scripts/FIPS_Scripts/*.sh
```
Enable FIPS mode in Oracle Linux 8.10 by executing the following command.
```
./scripts/FIPS_Scripts/Enable_FIPS_on_OL.sh <mode of install>
```
Note:
In this command, the <mode of install> is either online or offline based on the type of installation being done. For example, ./scripts/FIPS_Scripts/Enable_FIPS_on_OL.sh offline.
Execute the following command to verify FIPS status on Oracle Linux
```
fips-mode-setup --check
```
Execute the following command to enable FIPS at MySQL.
```
./scripts/FIPS_Scripts/Enable_FIPS_on_MySQL.sh
```

Execute the following command to verify the status of FIPS on the MySQL server.

mysql vsp -e 'select md5(8);show warnings;';

The output looks like:

+---------+------
+------------------------------------------------------------------------+
| Level | Code |
Message |
+---------+------
+------------------------------------------------------------------------+
| Warning | 4073 | SSL fips mode error: FIPS mode ON/STRICT: MD5 digest is
not supported. |
+---------+------
+------------------------------------------------------------------------+
1 row in set (0.00 sec)