Description of problem: Installation of a RHEL 7.9 client fails in FIPS mode with a RHEL 9.2 server. Version-Release number of selected component (if applicable): Client: # rpm -qa ipa-client openssl ipa-client-4.6.8-5.el7_9.14.x86_64 openssl-1.0.2k-26.el7_9.x86_64 Server: # rpm -qa ipa-server openssl openssl-3.0.7-16.el9_2.x86_64 ipa-server-4.10.1-7.el9_2.x86_64 How reproducible: Always Steps to Reproduce: 1. Install a RHEL 9.2 server in FIPS mode ipa-server-install --domain ipa.test --realm IPA.TEST -a password - password -U 2. Install a RHEL 7.9 client in FIPS mode ipa-client-install --domain ipa.test --realm IPA.TEST --server server.ipa.test --principal admin --password password -U Actual results: The client installation fails due to a SSL handshake failure: # ipa-client-install --domain ipa.test --realm IPA.TEST --server server.ipa.test --principal admin --password Secret123 -U WARNING: ntpd time&date synchronization service will not be configured as conflicting service (chronyd) is enabled Use --force-ntpd option to disable it and force configuration of ntpd Client hostname: client.ipa.test Realm: IPA.TEST DNS Domain: ipa.test IPA Server: server.ipa.test BaseDN: dc=ipa,dc=test Skipping synchronizing time with NTP server. Successfully retrieved CA cert Subject: CN=Certificate Authority,O=IPA.TEST Issuer: CN=Certificate Authority,O=IPA.TEST Valid From: 2023-07-06 12:52:19 Valid Until: 2043-07-06 12:52:19 Enrolled in IPA realm IPA.TEST Created /etc/ipa/default.conf New SSSD config will be created Configured sudoers in /etc/nsswitch.conf Configured /etc/sssd/sssd.conf trying https://server.ipa.test/ipa/json [try 1]: Forwarding 'schema' to json server 'https://server.ipa.test/ipa/json' cannot connect to 'https://server.ipa.test/ipa/json': [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:618) The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information Expected results: Client installation should succeed. Additional info: This issue is related to the change done on openssl side with Bug 2188046 - Support requiring EMS in TLS 1.2, default to it when in FIPS mode [rhel-9.2.0.z] In FIPS mode, if the server is installed with openssl-3.0.7-16.el9_2, the TLS Extended Master Secret (EMS) extension (RFC 7627) is mandatory for TLS 1.2 connections. RHEL 7.9 clients can communicate only using TLS 1.2 but don't support this extension. RHEL 8.x clients support TLS 1.2 and TLS 1.3 and are not impacted. The direct consequence is that RHEL 7.9 clients cannot join a RHEL 9.2+ server in FIPS mode. This limitation should be documented.
This error occurs in the context of a RHEL 7.9 client installation, but based on the error, we can probably expect it to happen for all HTTPS API requests (not just during the installation process): cannot connect to 'https://server.ipa.test/ipa/json': [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:618) Current deployments are very likely to be affected too.
That's correct. NIST now requires that modules submitted for FIPS certification after May 16th, 2023, enforce the extended master secret in TLS 1.2, or use TLS 1.3. RHEL 7 does not support TLS 1.3 or the extended master secret. See also https://access.redhat.com/solutions/7018256 which explains this. To put it in a different way: modules submitted for FIPS certification after May 16th, 2023, can no longer talk to RHEL 7 servers using TLS while being FIPS-compliant.