This article contains information about the Security Officer (SO) password, which is required during the HSM initialization phase of the ADC FIPS appliance.

Background

The ADC appliance facilitates secure encryption of sensitive data. During the HSM initialization phase of the FIPS appliance, you must specify a Security Officer (SO) Password. The maximum usable characters in the SO Password are 14.

The following is a sample of the set ssl fips command using a correct and an incorrect password length:

Correct:
set ssl fips -initHSM Level-2 userpassword so123456789012 user123 -hsmLabel ctxNS2011

Incorrect:
set ssl fips -initHSM Level-2 userpassword so1234567890123456789 user123 -hsmLabel ctxNS2011

Error Messages

• The FIPS enabled ADC MPX appliances and FIPS enabled ADC 9010 appliances display error messages if the length of the initial SO password is 31 characters.

• If the length of the SO password is between 15 and 30 characters, it does not display an error message.

• If the length of the initial SO password is more than 14 characters, the FIPS enabled ADC appliance does not initialize, when the appliance is restarted after the first prompt for restarting the appliance is displayed.

• If the length of the initial SO password is more than 14 characters, after restarting the appliance, the ADC command line interface might display the following message when you continue to proceed with the FIPS module configuration:
  "ERROR: Configuration possibly inconsistent. Please check with the "show configstatus" command or reboot."

Additional Resources