Bug 2265507

Summary: gnutls fails in FIPS mode: Error in GnuTLS initialization: Error while performing self checks
Product: [Fedora] Fedora Reporter: Jelle van der Waa <jvanderwaa>
Component: gnutlsAssignee: Zoltan Fridrich <zfridric>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 40CC: ansasaki, crypto-team, dueno, fkrenzel, tm, zfridric
Target Milestone: ---Keywords: Triaged
Target Release: ---Flags: fedora-admin-xmlrpc: mirror+
Hardware: x86_64   
OS: Linux   
Whiteboard: CockpitTest
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-02-27 11:24:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jelle van der Waa 2024-02-22 13:05:33 UTC 
Cockpit's CI test in FIPS mode fail as cockpit-certificates segfaults, this is also reproducible with gnutls-cli.

Same issue as https://bugzilla.redhat.com/show_bug.cgi?id=2235589

Reproducible: Always

Steps to Reproduce:
1. fips-mode-setup --enable
2. reboot
3. gnutls-cli localhost



gnutls-3.8.3-2.fc40.x86_64
Comment 1 Zoltan Fridrich 2024-02-22 14:24:08 UTC 
Seems like the gnutls-3.8.3-2.fc40.x86_64 requires nettle-3.9.1-2.fc39.x86_64.rpm and gmp-6.2.1-5.fc39.x86_64.rpm to work in FIPS mode.
Comment 2 Zoltan Fridrich 2024-02-27 11:24:16 UTC 
Update for f40 has been created that fixes this issue: https://bodhi.fedoraproject.org/updates/FEDORA-2024-fce560cd38
Closing this bug.