Use the fips self-tests command either in FIPS mode or non-FIPS mode to run the Known Answer Tests (KATs) and conditional tests on demand in both FIPS mode and non-FIPS mode.
device# fips self-tests WARNING: Issuing of this command may result in your device reloading. WARNING: Please verify firmware images are installed correctly first. Are you sure? (enter 'y' or 'n'): y fips crypto drbg health check tests ran successful. FIPS Power On Self Tests and KAT tests successful. Running FIPS Software/Firmware Integrity Test Verifying MP Image file primary.....Verified OK FIPS: Image verification passed for primary SYSLOG: <14>Sep 6 19:31:53 FIPS: Image verification passed for primary PASSED Verifying MP Monitor.....Verified OK FIPS: Image verification passed for monitor SYSLOG: <14>Sep 6 19:32:04 FIPS: Image verification passed for monitor PASSED Verifying LP Image file lp-primary-.....Verified OK FIPS: Image verification passed for lp-primary-0 SYSLOG: <14>Sep 6 19:32:05 FIPS: Image verification passed for lp-primary-0 PASSED Verifying LP Monitor.....Verified OK FIPS: Image verification passed for lp-monitor-0 SYSLOG: <14>Sep 6 19:32:16 FIPS: Image verification passed for lp-monitor-0 PASSED FIPS Software/Firmware Integrity Test PASSED Running continuous DRBG check. Running continuous DRBG check successful. Pairwise consistency check successful. FIPS KAT and Conditional Tests... PASSED
Syntax: fips self-tests
The following log message is generated when the KAT is completed, but no trap messages are generated because the system is not fully operational.
“Crypto module initialization and Known Answer Test (KAT) passed”.