Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-23549

Unable to run ccoctl commands on RHEL9 Host with FIPS enabled OCP cluster

XMLWordPrintable

    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      * Previously, the Cloud Credential Operator utility (`ccoctl`) could not run on a {op-system-base} 9 host with FIPS enabled.
      This release allows the user to run a version of the `ccoctl` utility that is compatible with the {op-system-base} version of their host, including {op-system-base} 9.
      (link:https://issues.redhat.com/browse/OCPBUGS-23549[*OCPBUGS-23549*])
      Show
      * Previously, the Cloud Credential Operator utility (`ccoctl`) could not run on a {op-system-base} 9 host with FIPS enabled. This release allows the user to run a version of the `ccoctl` utility that is compatible with the {op-system-base} version of their host, including {op-system-base} 9. (link: https://issues.redhat.com/browse/OCPBUGS-23549 [* OCPBUGS-23549 *])
    • Bug Fix
    • Done

      Description of problem:

      ccoctl - https://mirror.openshift.com/pub/openshift-v4/multi/clients/ocp-dev-preview/4.15.0-ec.2/ppc64le/ccoctl-linux.tar.gz
      
      ./ccoctl
      FIPS mode is enabled, but the required OpenSSL backend is unavailable

      Version-Release number of selected component (if applicable):

      4.15.0-ec.2

      How reproducible:

      Deploy OCP cluster with FIPS enabled

      Steps to Reproduce:

      1. Enable the var in var.tfvars - fips_compliant      = true
      2. Deploy the cluster
      3. run ccoctl commands
      

      Additional info:

      Not able to collect must gather logs due to the issue
      
      links - https://access.redhat.com/solutions/7034387

              Unassigned Unassigned
              sbobade Swapnil Bobade
              Julie Mathew Julie Mathew
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: