Fortinet black logo

CLI Reference

config system fips-cc

Configure FIPS-CC mode.

config system fips-cc

Description: Configure FIPS-CC mode.

set status [enable|disable]

set entropy-token [enable|disable|...]

set self-test-period {integer}

set key-generation-self-test [enable|disable]

end

Parameter

Description

Type

Size

Default

status

Enable/disable ciphers for FIPS mode of operation.

option

-

disable

Option

Description

enable

Enable FIPS-CC mode.

disable

Disable FIPS-CC mode.

entropy-token

Enable/disable/dynamic entropy token.

option

-

enable

Option

Description

enable

Enable entropy token to be present during boot process.

disable

Disable entropy token to be present during boot process.

dynamic

Dynamic detect entropy token to be present during boot process.

self-test-period

Self test period.

integer

Minimum value: 1 Maximum value: 1440

1440

key-generation-self-test

Enable/disable self tests after key generation.

option

-

disable

Option

Description

enable

Enable self tests after key generation.

disable

Disable self tests after key generation.

Configure FIPS-CC mode.

config system fips-cc

Description: Configure FIPS-CC mode.

set status [enable|disable]

set entropy-token [enable|disable|...]

set self-test-period {integer}

set key-generation-self-test [enable|disable]

end

Parameter

Description

Type

Size

Default

status

Enable/disable ciphers for FIPS mode of operation.

option

-

disable

Option

Description

enable

Enable FIPS-CC mode.

disable

Disable FIPS-CC mode.

entropy-token

Enable/disable/dynamic entropy token.

option

-

enable

Option

Description

enable

Enable entropy token to be present during boot process.

disable

Disable entropy token to be present during boot process.

dynamic

Dynamic detect entropy token to be present during boot process.

self-test-period

Self test period.

integer

Minimum value: 1 Maximum value: 1440

1440

key-generation-self-test

Enable/disable self tests after key generation.

option

-

disable

Option

Description

enable

Enable self tests after key generation.

disable

Disable self tests after key generation.