PGP Encryption Desktop 10.4 displays a popup with an error message after enabling FIPS 140-2 operational and integrity checks.

To enable FIPS 140-2 operational and integrity checks from the PGP Encryption Server (Symantec Encryption Management Server) administration console, do the following:

1. Navigate to Consumers / Consumer Policy.
2. Click on the name of the policy you wish to modify.
3. Click on the PGP Encryption Desktop button.
4. In the General tab, enable Activate FIPS 140-2 operational and integrity checks and click Save.

To enable FIPS 140-2 operational and integrity checks on a standalone client do the following:

1. Open PGP Encryption Desktop.
2. Select Tools / Options from the main menu.
3. In the Advanced tab, enable the option Activate FIPS 140-2 operational and integrity checks and save.

In about 30 seconds a popup appears stating:

"FIPS 140-2 integrity check failed (err=-11446)"

PGP Encryption Desktop 10.4 and above operate in FIPS mode automatically.  Enabling the option for FIPS mode causes this error.

Upgrade to PGP Encryption Server 3.4.1 MP1 or above and PGP Encryption Desktop 10.4.1 MP1 or above.

Note that enabling the option Activate FIPS 140-2 operational and integrity checks is not necessary in PGP Encryption Desktop 10.4 and above because FIPS 140-2 operational and integrity checks are enabled by default.

See article 178330 for more information on which products are currently FIPS 140-2 validated.