FIPS Mode Support Guide
Note
This guide only applies to YubiHSM 2 FIPS devices.
Putting YubiHSM 2 into FIPS Mode
To configure the YubiHSM 2 into the FIPS Approved mode of operation:
Step 1: | Use the put option 0 fips-mode 01
|
---|---|
Step 2: | Import new Authentication Keys to replace the default values. |
Validating the Mode
To check the mode of operation, use the Get Option
service.
get option 0 fips-mode
where-
01
return code indicates the Approved mode.00
return code indicates the non-Approved mode.
Taking it out of FIPS Mode
To configure the YubiHSM 2 into the non-Approved mode of operation.
Step 1: | Delete all objects on the YubiHSM 2. |
---|---|
Step 2: | Use the put option 0 fips-mode 00
|