Skip to main content

Enabling/Disabling FIPS Cryptographic Modules

With HMP 3.9+, the hardware-based cryptographic modules are no longer used. Instead software-based FIPS modules are available. As a result, the method to enable/disable FIPS has changed.

Note

If your HMP 3.8 has FIPS enabled, prior to upgrading to version 3.9, you must disable FIPS via the web interface. After the upgrade to HMP 3.9 completes, the software-based FIPS modules can be enabled as detailed below.


Enabling FIPS

To enable FIPS:

  1. SSH into your HMP.
  2. Elevate to root access.
  3. Run the following command:
    configure_wolfengine_fips.sh proceed 1
  4. Reboot your HMP by running the reboot command.

Disabling FIPS

To disable FIPS:

  1. SSH into your HMP.
  2. Elevate to root access.
  3. Run the following command:
    configure_wolfengine_fips.sh proceed 0
  4. Reboot your HMP by running the reboot command.

Confirming FIPS Status

To confirm the current FIPS status use the following procedure:

  1. Ensure your HMP has rebooted following any FIPS enable/disable procedure.
  2. SSH into your HMP.
  3. Elevate to root access.
  4. Run the following command: openssl engine -t
  5. FIPS status depends on the returned results:
    • If wolfengine is not mentioned in the results, then FIPS is disabled.
    • If the following results are returned mentioning that wolfengine is available, then FIPS is enabled.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close