First, be aware of what actually happens when you enforce FIPS140-2 complient encryption within Windows. Details are at http://technet.microsoft.com/en-us/library/cc750357.aspx. However, the main 'gotcha' (old SSL website's don't work in IE anymore) is detailed in the article linked below.

首先，请注意在 Windows 中强制执行符合 FIPS140-2 的加密时实际发生的情况。详细信息位于http://technet.microsoft.com/en-us/library/cc750357.aspx。但是，下面链接的文章详细介绍了主要的“问题”（旧的 SSL 网站不再在 IE 中工作）。

The official instructions to enable FIPS 140-2 complience are at http://support.microsoft.com/kb/811833, but can be summarised as follows:

启用 FIPS 140-2 合规性的官方说明位于http://support.microsoft.com/kb/811833，但可以总结如下：

1. Using an account that has administrative credentials, log on to the computer.
2. Click Start, click Run, type gpedit.msc, and then press ENTER.
3. In the Local Group Policy Editor, under the Computer Configurationnode, double-click Windows Settings, and then double-click Security Settings.
4. Under the Security Settings node, double-click Local Policies, and then click Security Options.
5. In the details pane, double-click System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing.
6. In the System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing dialog box, click Enabled, and then click OKto close the dialog box.
7. Close the Local Group Policy Editor.

1. 使用具有管理凭据的帐户登录到计算机。
2. 单击开始，单击运行，键入gpedit.msc，然后按 Enter。
3. 在本地组策略编辑器的计算机配置节点下，双击Windows 设置，然后双击安全设置。
4. 在“安全设置”节点下，双击“本地策略”，然后单击“安全选项”。
5. 在详细信息窗格中，双击系统加密：使用符合 FIPS 的算法进行加密、散列和签名。
6. 在系统加密：使用符合 FIPS 的算法进行加密、散列和签名对话框中，单击启用，然后单击确定关闭对话框。
7. 关闭本地组策略编辑器。

If you wish to do this manually, you can also simply change the registry key HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabledto 1

如果您想手动执行此操作，您也可以简单地将注册表项更改HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled为 1

Finally, to repeat, it is very importantthat you read through the documentation before you enable this - it changes cryptography system wide, including how the file system (both EFS and Bitlocker) and network (IE, Remote Desktop and the main cryptographic libraries) are allowed to encrypt, as well as if you allowed to recover lost encryption keys.

最后，重复一遍，在启用此功能之前通读文档非常重要- 它会更改加密系统范围，包括文件系统（EFS 和 Bitlocker）和网络（IE、远程桌面和主要加密库）的方式允许加密，以及是否允许恢复丢失的加密密钥。

As an alternative, for Windows 7 users (with admin rights), this is one of the "Network Properties". Step by step:

作为替代方案，对于 Windows 7 用户（具有管理员权限），这是“网络属性”之一。一步步：

1. click on the "Network" icon on task bar.
2. right click > Properties on the specific Network connection
3. switch to the "Security" tab.
4. click on "Advanced Settings" button.
5. click the checkbox labeled "Enable Federal Information Processing Standards (FIPS) compliance for this network.

1. 单击任务栏上的“网络”图标。
2. 右键单击 > 特定网络连接上的属性
3. 切换到“安全”选项卡。
4. 单击“高级设置”按钮。
5. 单击标记为“为此网络启用联邦信息处理标准 (FIPS) 合规性”的复选框。

Also, have in mind:

另外，请记住：

• Recommended reading: http://technet.microsoft.com/en-us/magazine/ff847520.aspx
• This setting sepends on what you have selected as "Security Type" on the Security Tab
• Your wireless network adapter card mightbe doing this encryption in hardware already. This checkbox will switch from that to rather performing AES encryption in software.

• 推荐阅读：http: //technet.microsoft.com/en-us/magazine/ff847520.aspx
• 此设置取决于您在“安全”选项卡上选择的“安全类型”
• 您的无线网络适配器卡可能已经在硬件中进行了这种加密。此复选框将从该复选框切换到在软件中执行 AES 加密。