Triggering self-tests, Displaying and maintaining fips, Fips configuration examples – H3C Technologies H3C S6300 Series Switches User Manual

353

Triggering self-tests

To examine whether the cryptography modules operate correctly, you can trigger a self-test on the

cryptographic algorithms. The triggered self-test is the same as the power-up self-test. If the self-test fails,

the device where the self-test process exists reboots.
To trigger a self-test:

Step Command

1.

Enter system view.

system-view

2.

Trigger a self-test.

fips self-test

Displaying and maintaining FIPS

Execute display commands in any view.

Task Command

Display the FIPS mode state.

display fips status

FIPS configuration examples

Entering FIPS mode through automatic reboot

Network requirements

Use the automatic reboot method to enter FIPS mode, and use a console port to log in to the device in
FIPS mode.

Configuration procedure

# If you want to save the current configuration, execute the save command before you enable FIPS mode.
# Enable FIPS mode and choose the automatic reboot method to enter FIPS mode. Configure the

username as root and the password as 12345zxcvb!@#$%ZXCVB.

system-view

[Sysname] fips mode enable

FIPS mode change requires a device reboot. Continue? [Y/N]:y

Reboot the device automatically? [Y/N]:y

The system will create a new startup configuration file for FIPS mode. After you set the

login username and password for FIPS mode, the device will reboot automatically.

Enter username(1-55 characters):root

Enter password(15-63 characters):

Confirm password:

Waiting for reboot... After reboot, the device will enter FIPS mode.