Fips commands – HP Secure Key Manager User Manual
Page 295
• host run
• traceroute run
• ping run
Related com-
mand(s)
traceroute run
– print the route packets take to the specified network host.
hostname (config)# traceroute run <hostname>
Syntax
• host run
• netstat run
• ping run
Related com-
mand(s)
FIPS commands
fips compliant
– make the device FIPS-compliant.
This will alter various server settings, as documented in
Using advanced security features
IMPORTANT:
According to FIPS requirements, you cannot enable or disable FIPS when there are keys on the SKM.
You must
manually delete all keys before enabling and disabling FIPS compliance. Keys are zeroized
upon deletion.
We strongly recommend that you back up your keys before deleting.
IMPORTANT:
Setting this device to be FIPS-compliant forces SSL connections to the KMS Server and to the Web
Administration service to use TLS 1.0 only. Some Web browsers, including Internet Explorer 6.0, do
not have TLS 1.0 enabled by default. If your browser is no longer able to make a connection to this
device, please check that it has TLS 1.0 enabled. (In Internet Explorer, select Internet Options from the
Tools menu, click the Advanced tab, scroll down to the Security section, and make sure the “Use TLS
1.0” checkbox is checked.)
hostname#
fips compliant
This device is now FIPS-compliant.
Syntax
• show fips status
Related com-
mand(s)
fips server
– enable the FIPS status server and assign it an IP and a port.
hostname#
fips server
Enable FIPS Status Server [y]:
Available IP addresses:
1. All
2. 172.17.3.21
Local IP (1-2)[1]:
Local Port [9081]:
NOTE:
You can view the FIPS Status Report by accessing http://<Local IP>:<Local
Port>/status.html.
Syntax
Secure Key Manager
295