Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-14580

Enabling FIPS integration breaks IPA on a system set to use RADIUS

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Undefined Undefined
    • None
    • rhel-8.7.0.z
    • ipa
    • None
    • Important
    • rhel-sst-idm-ipa
    • ssg_idm
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • None
    • None
    • None
    • None

      What were you trying to do that didn't work?

      When the customer is trying to introduce RAIDUS integration into their FIPS-enabled IPA environment, after setting radius_md5_fips_override = true in their Kerberos configuration IPA no longer will start.

      Please provide the package NVR for which bug is seen:

      • ipa-server-4.9.11-6.module+el8.8.0+19022+e8902f4b.x86_64
      • freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64

      How reproducible:

      I don't have the ability to reproduce the issue myself, so I'm unable to confirm the existence of this defect.

      Steps to reproduce

      1. Install RHEL with FIPS mode enabled.
      2. Install and configure IPA.
      3. Follow this KCS: https://access.redhat.com/solutions/4650511

      Expected results

      IPA starts with RADIUS enabled.

      Actual results

      IPA fails to start.

              antorres@redhat.com Antonio Torres
              rhn-support-ccallaha Chance Callahan
              Florence Renaud Florence Renaud
              IPA QE Bot IPA QE Bot
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: