Diagnostic commands, Fips commands – HP Secure Key Manager User Manual
Page 269
Diagnostic commands
host run – look up the host specified using the domain server.
Syntax
hostname (config)# host run <hostname>
Related
command(s)
• traceroute run
• netstat run
• ping run
ping run – send ICMP ECHO_REQUEST packets to the specified network host.
Syntax
hostname (config)# ping run <hostname>
Related
command(s)
• host run
• traceroute run
• netstat run
netstat run – generate a list of all active connections on the SKM.
Syntax
hostname (config)# netstat run
Related
command(s)
• host run
• traceroute run
• ping run
traceroute run – print the route packets take to the specified network host.
Syntax
hostname (config)# traceroute run <hostname>
Related
command(s)
• host run
• netstat run
• ping run
FIPS commands
fips compliant – make the device FIPS-compliant.
This will alter various server settings, as documented in
Using advanced security features
IMPORTANT:
According to FIPS requirements, you cannot enable or disable FIPS when there are keys on the SKM.
You must
manually
delete all keys before enabling and disabling FIPS compliance. Keys are zeroized
upon deletion.
We strongly recommend that you back up your keys before deleting.
IMPORTANT:
Setting this device to be FIPS-compliant forces SSL connections to the KMS Server and to the Web
Administration service to use TLS 1.0 only. Some Web browsers, including Internet Explorer 6.0, do
not have TLS 1.0 enabled by default. If your browser is no longer able to make a connection to this
device, please check that it has TLS 1.0 enabled. (In Internet Explorer, select Internet Options from the
Tools menu, click the Advanced tab, scroll down to the Security section, and make sure the “Use TLS
1.0” checkbox is checked.)
Syntax
hostname# fips compliant
This device is now FIPS-compliant.
Related
command(s)
• show fips status
fips server – enable the FIPS status server and assign it an IP and a port.
Secure Key Manager
269