/mcp• To enable FIPS in a cluster, first enable the Publisher and make sure all the configured services are properly initialized which will take some time to come up. Then enable fips in all other nodes one after the other within the cluster. CiscoSSH Support Unified Communications Manager supports CiscoSSH. When you enable FIPS mode on your system, CiscoSSH is enabled automatically with no extra configuration required. For more information, see the Compatibility Matrix for Cisco Unified Communications Manager and the IM and Presence Service. Disable FIPS 140-2 Mode Consider the following information before you disable FIPS 140-2 mode on Unified Communications Manager: • In single or multiple server clusters, we recommend you to run the CTL Client. If the CTL Client is not run on a single server cluster, you must manually delete the ITL File after disabling FIPS mode. • In multiple server clusters, each server must be disabled separately, because FIPS mode is not disabled cluster-wide but rather on a per-server basis. To disable FIPS 140-2 mode, perform the following procedure: Procedure Step 1 Start a CLI Session. For more information, see the Starting a CLI Session section in the Command Line Interface Reference Guide for Cisco Unified Communications Solutions. Step 2 In the CLI, enter utils fips disable Unified Communications Manager reboots and is restored to non-FIPS mode. Note Certificates and SSH key are regenerated automatically. Check FIPS 140-2 Mode Status To confirm if the FIPS 140-2 mode is enabled, check the mode status from the CLI. To check the status of FIPS 140-2 mode, perform the following procedure: Procedure Step 1 Start a CLI Session. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 247 Advanced System Security CiscoSSH Support