Bug 1929681 - Candlepin will not install in FIPS mode
Summary: Candlepin will not install in FIPS mode
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Candlepin
Classification: Community
Component: candlepin
Version: 3.1
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
: 3.1
Assignee: ojanus
QA Contact:
URL:
Whiteboard:
Depends On: 1913441
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-02-17 12:30 UTC by ojanus
Modified: 2021-03-09 10:58 UTC (History)
5 users (show)

Fixed In Version: candlepin-3.1.25-1
Clone Of: 1913441
Environment:
Last Closed: 2021-03-09 10:58:44 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github candlepin candlepin pull 2932 0 None open [3.1]1929681: Candlepin will not install in FIPS mode 2021-02-17 12:36:12 UTC

Description ojanus 2021-02-17 12:30:27 UTC 
+++ This bug was initially created as a clone of Bug #1913441 +++

Description of problem:
 
On CentOS 8, if you attempt to install candlepin in FIPS-140-2 mode, the installation will fail

Version-Release number of selected component (if applicable): candlepin-3.1.22-1.el8.noarch

How reproducible: Always


Steps to Reproduce:
1. Before installing the RPM, ensure the system is in FIPS-140-2 mode using the command "fips-mode-setup --enable"
2. Reboot
3. Install the RPM

Actual results:

The installation fails with the error "does not verify: no digest"

Expected results:

The RPM installs successfully

Additional info:

As a workaround, you can temporarily disable FIPS-140-2 mode to install candlepin or install with the --nodigest --nofiledigest switches per https://access.redhat.com/solutions/4460971

Package was downloaded from baseurl=https://fedorapeople.org/groups/katello/releases/yum/3.18/candlepin/el8/

--- Additional comment from Jonathon Turel on 2021-02-16 16:39:04 UTC ---

Connecting redmine issue https://projects.theforeman.org/issues/31895 from this bug
Note You need to log in before you can comment on or make changes to this bug.