To elaborate... I believe that the certificates generated in FIPS mode are different, so FIPS mode should be enabled before the first startup. Enabling later may cause data not to be sent between your Splunk servers as the certificates will not be valid, you should see errors in splunkd.log.
... View more
According to the docs: "The FIPS module disables the use of some cryptographic algorithms in the instance of Python that Splunk software uses to run apps (such as md5 and rc4)" - if the app uses them then it is not compatible with FIPS mode.
As an aside, usually you need to enable FIPS mode at install time, rather than enabling it later.
... View more