Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-131116

ipa vault-retrieve vault fails in FIPS mode with error 'Unable to retrieve key: Cannot encrypt passphrase: org.mozilla.jss.crypto.TokenException: Failed to unwrap key: (-8190) security library: received bad data'

Linking RHIVOS CVEs to...Migration: Automation ...RHELPRIO AssignedTeam ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • rhel-10.2
    • ipa
    • None
    • None
    • None
    • rhel-idm-ipa
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • x86_64
    • None

      What were you trying to do that didn't work?

      ipa vault retrieve fails in FIPS mode

      What is the impact of this issue to you?

      vault retrieve fails

      Please provide the package NVR for which the bug is seen:

      ipa-server-4.12.2-26.el10.x86_64

      How reproducible is this bug?:

      Always

      Steps to reproduce

      1.  Install IPA in FIPS mode, create vault and retrieve vault.

      Expected results

      Vault retrieve should work but it fails with error.

      Actual results

      ['ipa', 'vault-retrieve', 'vault']

      ipa: ERROR: Unable to retrieve key: Cannot encrypt passphrase: org.mozilla.jss.crypto.TokenException: Failed to unwrap key: (-8190) security library: received bad data. ERROR

              frenaud@redhat.com Florence Renaud
              sumenon@redhat.com Sudhir Menon
              Florence Renaud Florence Renaud
              Sudhir Menon Sudhir Menon
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: