HP Secure Key Manager User Manual
Page 270

Syntax
hostname# fips server
Enable FIPS Status Server [y]:
Available IP addresses:
1.
All
2.
172.17.3.21
Local IP (1-2)[1]:
Local Port [9081]:
NOTE:
You can view the FIPS Status Report by accessing http://<Local IP>:<Local
Port>/status.html.
Related
command(s)
• show fips server
reset factory settings zeroize – zeroize all keys and passwords on the device.
Syntax
NOTE:
For security purposes, this command can only be run from the CLI at the console.
You cannot execute this command remotely via the CLI over SSH or from the
Management Console.
hostname# reset factory settings zeroize
Related
command(s)
• reset factory settings
security settings – change the status of security-related functionality on the SKM.
This functionality must be disabled for FIPS compliance. These settings are automatically configured when you
select Set FIPS Compliance in the FIPS Compliance section.
IMPORTANT:
When you enable FIPS compliance on the SKM, the functionality displayed here is disabled. Modifying
any
of the items in the High Security Settings section immediately takes the device out of FIPS
compliance. This section should be used to
review
the key and device security functionality that has
been disabled for full FIPS compliance. When the device is FIPS-compliant, do not alter these settings.
IMPORTANT:
According to FIPS requirements, you cannot enable or disable FIPS when there are keys on the SKM.
You must
manually
delete all keys before enabling and disabling FIPS compliance. Keys are zeroized
upon deletion.
We strongly recommend that you back up your keys before deleting.
For more information, see
Using advanced security features
Syntax
hostname# security settings
Disable Creation and Use of Global Keys [y]:
Disable Non-FIPS Algorithms and Key Sizes [y]:
Disable RSA Encryption and Decryption [y]:
Disable FTP for Certificate Import, Backup, and Restore [y]:
Disable Certificate Import through Serial Console Paste [y]:
Disable Hotswappable RAID Drives [y]:
Related
command(s)
• show security settings
show security settings – view the status of security-related functionality on the SKM.
NOTE:
This functionality must be disabled for FIPS compliance. These settings are automatically configured
when you select Set FIPS Compliance in the FIPS Compliance section. For more information, see
270
Using the Command Line Interface