Health check configuration commands – HP Secure Key Manager User Manual

hostname#

show security settings

Key Security

Disable Creation and Use of Global Keys: Yes

Disable Non-FIPS Algorithms and Key Sizes: Yes

Disable RSA Encryption and Decryption: Yes

Device Security

Disable FTP for Certificate Import, Backup, and Restore: Yes

Disable Certificate Import through Serial Console Paste: Yes

Disable Hotswappable RAID Drives: Yes

Other Security

Allow Key & Policy Configuration Operations: Disabled

(FIPS-compliant)

Allow Key Export: Disabled (FIPS-compliant)

User Directory for KMS Server: Local (FIPS-compliant)

Allowed SSL Protocols: TLS 1.0 (FIPS-compliant)

Enabled SSL Ciphers: Only FIPS-compliant ciphers

Syntax

• security settings

Related com-
mand(s)

show fips server

– view the status of the FIPS Status Server and its IP and port.

hostname#

show fips server

Enable FIPS Status Server: Yes

Local IP: [All]

Local Port: 9081

You can view the FIPS Status Report by accessing http://<Local IP>:<Local Port>/status.html.

Syntax

• fips server

Related com-
mand(s)

show fips status

– view if the device is FIPS-compliant.

hostname#

show fips status

FIPS Compliant: No

Syntax

• fips compliant

Related com-
mand(s)

Health check configuration commands

health check

– enable and configure the Health Check feature.

Secure Key Manager

297