HP BladeSystem Onboard Administrator User Guide
Introduction 23
NOTE: When running a version of Onboard Administrator firmware earlier than version 3.70
with Strong Encryption mode enabled, if you update the firmware to version 3.70 or later, an
entry might be logged to the Onboard Administrator syslog indicating that the Onboard
Administrator is operating in FIPS Mode. This syslog entry ("FIPS: OA is operating in FIPS
Mode On
") is incorrect and can be ignored.
FIPS Mode and Encryption settings
OA 3.60
Encryption
Normal
OA 3.60
Encryption
Strong
OA 3.70
FIPS
Mode
OFF
OA 3.70
FIPS Mode
ON
OA 4.11
OA 4.20
FIPS Mode
ON
OA 4.11
OA 4.20
FIPS Mode
OFF
General Security Items
CSPs Zeroization
NO NO NO YES YES NO
Known Answer Tests
(KATs)
NO NO NO YES YES NO
Power-up tests
NO NO NO YES YES YES
Continuous PRNG testing
NO NO NO YES YES YES
Minimum Password
Length required
3 3 3 8 8 3
Require Password
Complexity (upper, lower,
symbols)
NO NO NO YES YES NO
FIPS compatible PRNG
(X9.31)
NO NO YES YES YES YES
Telnet service disabled
NO NO NO
1
YES YES NO
1
Enclosure IP Mode
disabled
NO NO NO YES YES NO
Support Dump disabled
NO NO NO YES YES NO
SNMPv1 and SNMPv2
services disabled
NO NO NO YES YES NO
Partition Integrity
Checking
NO NO YES YES YES YES
Requires Insight Display
LCD PIN
NO NO NO YES YES NO
SSL Encryption
Default SSL Key Size
2048 2048 2048 2048 2048 2048
Default self-signed
certificate Hash Signature
algorithm
SHA1 SHA1 SHA256 SHA256 SHA256 SHA256
Configurable SSL hash
signature algorithms on
self signed certificate
NO NO YES YES YES YES
SSL Protocols
SSLv3
TLSv1
SSLv3
TLSv1
SSLv3
TLSv1
TLSv1 TLSv1
TLSv1.1
TLSv1.2
SSLv3
TLSv1
TLSv1.1
TLSv1.2
Reject Certificates with
non FIPS Hash Signature
Algorithms
2
NO NO NO YES YES NO