See for more details on CONNECT's certificate configuration.
CONNECT currently references keystores and truststores via the file system. Determine the impact of this functionality per FIPS 140-2 requirements. Does this necessitate a change like the one listed in CONN-340?
There is a good two part write up about doing FIPS with CXF using the NSS libraries (GlassFish beware!):
REMINDER: GlassFish 3.x does not support the NSS libraries, as of April 2013.