Fortinet white logo
Fortinet white logo

CLI Reference

config system fips-cc

config system fips-cc

Configure FIPS-CC mode.

config system fips-cc
    Description: Configure FIPS-CC mode.
    set entropy-token [enable|disable|...]
    set key-generation-self-test [enable|disable]
    set self-test-period {integer}
    set status [enable|disable]
end

config system fips-cc

Parameter

Description

Type

Size

Default

entropy-token

Enable/disable/dynamic entropy token.

option

-

enable

Option

Description

enable

Enable entropy token to be present during boot process.

disable

Disable entropy token to be present during boot process.

dynamic

Dynamic detect entropy token to be present during boot process.

key-generation-self-test

Enable/disable self tests after key generation.

option

-

disable

Option

Description

enable

Enable self tests after key generation.

disable

Disable self tests after key generation.

self-test-period

Self test period.

integer

Minimum value: 1 Maximum value: 1440

1440

status

Enable/disable ciphers for FIPS mode of operation.

option

-

disable

Option

Description

enable

Enable FIPS-CC mode.

disable

Disable FIPS-CC mode.

config system fips-cc

config system fips-cc

Configure FIPS-CC mode.

config system fips-cc
    Description: Configure FIPS-CC mode.
    set entropy-token [enable|disable|...]
    set key-generation-self-test [enable|disable]
    set self-test-period {integer}
    set status [enable|disable]
end

config system fips-cc

Parameter

Description

Type

Size

Default

entropy-token

Enable/disable/dynamic entropy token.

option

-

enable

Option

Description

enable

Enable entropy token to be present during boot process.

disable

Disable entropy token to be present during boot process.

dynamic

Dynamic detect entropy token to be present during boot process.

key-generation-self-test

Enable/disable self tests after key generation.

option

-

disable

Option

Description

enable

Enable self tests after key generation.

disable

Disable self tests after key generation.

self-test-period

Self test period.

integer

Minimum value: 1 Maximum value: 1440

1440

status

Enable/disable ciphers for FIPS mode of operation.

option

-

disable

Option

Description

enable

Enable FIPS-CC mode.

disable

Disable FIPS-CC mode.