Forum Discussion

zans_365404's avatar
zans_365404
Icon for Nimbostratus rankNimbostratus
Sep 07, 2018

FIPS card status

Hello.   I'm wondering if there is any way to see, whether or not the FIPS card is operational via iControl REST API.   If REST API doesn't provide that information, I'm interested if it can be...
BIG-IP
devops
iControlREST
jaikumar_f5's avatar
jaikumar_f5
Icon for Noctilucent rankNoctilucent
Sep 07, 2018

If its a Non FIPS box,

fipsutil info

No supported FIPS device found

If its a FIPS box,

fipsutil info

Label:             F5FIPS
HSM Serial Number: xxxxxxx

If the box is already FIPS initialized,

fipsutil init

HSM already initialized

If the box is NOT FIPS initialized, running the below command would start initializing, followed by asking the SO/DO pwds.

fipsutil init

NFB Initialization Process

WARNING - all private keys in NFB will be erased after SO password is entered!
Any configuration objects dependent on FIPS keys will cause the configuration fail to load.
Passwords must be at least 7 characters in length.
Enter no password if you instead wish to cancel.

New SO Password:
Re-enter new SO Password: