To configure Rational DOORS Web Access to comply with SP800-131a, you modify the Apache Tomcat server configuration values to reject requests with certificates that do not meet the minimum required encryption strengths. You must use a security provider that complies with FIPS 140-2 and configure its system properties to run in SP 800-131a mode. That configuration ensures that you are using the proper protocol and cipher suites.
For strict compliance, key strength and signature algorithms are also verified. Strict compliance allows only the TLS version 1.2 protocol. You must ensure that the certificates, keys, and secure random number generator, if specified, are all compliant with SP 800-131a.
Update client browsers to one which supports the minimum TLS version. The minimum TLS version is determined by the value that is specified in the server.xml sslProtocol property.
Ensure that client and server certificates, including root and intermediate certificates, are at least 112 bits and are signed properly, as defined in this procedure. Check keys in keystores and trusted certificates in trust stores.
See the technote Configuring the Rational DOORS database server and client for compliance with NIST SP800-131a.