Automation Suite on Linux installation guide

Last updated Sep 5, 2025

Security and compliance

Enabling FIPS 140-2

Federal Information Processing Standards 140-2 (FIPS 140-2) is a security standard that validates the effectiveness of cryptographic modules.

You can enable FIPS 140-2 on the machines on which you install Automation Suite in the following scenarios:

Enable FIPS 140-2 before performing a clean installation of Automation Suite 2023.4 or later. For details, see. Scenario 1: new installations
Enable FIPS 140-2 after performing an Automation Suite installation on a machine with FIPS-140-2 disabled. For details, see Scenario 2: existing installations.

Scenario 1: new installations

To enable FIPS 140-2 on the machines where you plan to perform a fresh installation of Automation Suite, take the following steps:

Before starting the Automation Suite installation, enable FIPS 140-2 on your machines.
For details, see:
- Configuring the machines in a single-node environment
- Configuring the machines in a multi-node environment
Perform the Automation Suite installation by following the installation instructions in this guide.
- If you install AI Center on a FIPS 140-2-enabled machine and also use Microsoft SQL Server, some additional configuration is required. For details, see:
  - Configuring Microsoft SQL Server in a single-node environment
  - Configuring Microsoft SQL Server in a multi-node environment
- Make sure Insights is disabled as it is not supported on FIPS 140-2.
Make sure your certificates are FIPS 140-2-compatible.
Note:
By default, Automation Suite 2023.4 and later generates self-signed FIPS 140-2-compatible certificates whose expiry date depends on the type of Automation Suite installation you choose.

You are strongly recommended to replace these self-signed certificates with CA-issues certificates at installation time. To use Automation Suite on FIPS 140-2-enabled machines, the newly provided certificates must be FIPS 140-2-compatible. For a list of eligible ciphers supported by RHEL, see RHEL documentation.
- To update the token-signing certificates, run:
  sudo ./configureUiPathAS.sh identity token-cert update --cert-file-path /path/to/cert --cert-key-file-path /path/to/certkeysudo ./configureUiPathAS.sh identity token-cert update --cert-file-path /path/to/cert --cert-key-file-path /path/to/certkey
- To update the TLS certificates, run:
  ./configureUiPathAS.sh additional-ca-certs update --ca-cert-file /path/to/ca/certs./configureUiPathAS.sh additional-ca-certs update --ca-cert-file /path/to/ca/certs
For more on certificates, see Managing the certificates.

Scenario 2: existing installations

You can install Automation Suite on machines with FIPS 140-2 disabled, and then enable the security standard on the same machines. This is also possible when you upgrade to a new Automation Suite version.

To enable FIPS 140-2 on the machines where you already performed an Automation Suite installation, take the following steps:

Perform a regular Automation Suite installation or upgrade operation on machines with FIPS 140-2 disabled.
Enable FIPS 140-2 by running the following command on all your machines:
```
fips-mode-setup --enablefips-mode-setup --enable
```
Make sure your certificates are FIPS 140-2-compatible.
Note:
To use Automation Suite on FIPS 140-2-enabled machines, you must replace your certificates with new FIPS 140-2-compatible certificates signed by a CA. For a list of eligible ciphers supported by RHEL, see RHEL documentation.
- To update the token-signing certificates, run:
  sudo ./configureUiPathAS.sh identity token-cert update --cert-file-path /path/to/cert --cert-key-file-path /path/to/certkeysudo ./configureUiPathAS.sh identity token-cert update --cert-file-path /path/to/cert --cert-key-file-path /path/to/certkey
- To update the TLS certificates, run:
  ./configureUiPathAS.sh additional-ca-certs update --ca-cert-file /path/to/ca/certs./configureUiPathAS.sh additional-ca-certs update --ca-cert-file /path/to/ca/certs
For more on certificates, see Managing the certificates.
Make sure your product selection is in line with the FIPS-140-2 requirements:
- If you install AI Center on a FIPS 140-2-enabled machine and also use Microsoft SQL Server, some additional configuration is required. For details, see:
  - Configuring Microsoft SQL Server in a single-node environment
  - Configuring Microsoft SQL Server in a multi-node environment
- If you previously enabled Insights, you must disable it as it is not supported on FIPS 140-2. For details on how to disable products post-installation, see Managing products.
Reboot your machines and check if you successfully enabled FIPS 140-2 by running the following command:
```
fips-mode-setup --checkfips-mode-setup --check
```

Rerun the install-uipath.sh service installer:

In an online environment, run:

./install-uipath.sh -i cluster_config.json -o output.json -s --accept-license-agreement – Online -- online./install-uipath.sh -i cluster_config.json -o output.json -s --accept-license-agreement – Online -- online

In an offline environment, run:

./install-uipath.sh -i ./cluster_config.json -o ./output.json -s --offline-bundle /uipath/tmp/sf.tar.gz --offline-tmp-folder /uipath/tmp --accept-license-agreement./install-uipath.sh -i ./cluster_config.json -o ./output.json -s --offline-bundle /uipath/tmp/sf.tar.gz --offline-tmp-folder /uipath/tmp --accept-license-agreement

On this page

Enabling FIPS 140-2
Scenario 1: new installations
Scenario 2: existing installations

Was this page helpful?

PREVIOUSCross-deployment feature comparison

NEXTCertificates overview

Support and Services

Get The Help You Need

UiPath Academy

Learning RPA - Automation Courses

UiPath Forum

UiPath Community Forum

Trust and Security

Cookies Policy