Verifying that your system uses FIPS-compliant encryption
You can verify that your system uses FIPS-compliant encryption by using the show fips status command from the CLI.
To verify that your system is FIPS compliant, connect to the CLI and enter these commands:
amnesiac > enable
amnesiac # configure terminal
amnesiac (config) # show fips status
CMC Autoregistration: Should not be configured in FIPS mode.
Citrix Basic Encryption: Should not be configured in FIPS mode.
SMB2 Signing: May not comply with FIPS standard.
FIPS Mode: Enabled
The output indicates if FIPS mode is enabled and displays any warnings for features that affect FIPS compliance. If no warnings appear and FIPS mode is enabled, your system is FIPS compliant. If warnings appear, you need to make configuration changes to achieve full compliance.
You cannot review FIPS compliance from the Management Console; however, if you attempt to configure features that affect FIPS compliance through the Management Console when in FIPS mode, the web interface produces an error message warning you of the conflict.
The following section describes the features that are not FIPS compliant and how to address them.