Generating RSA private key w/FIPS Enabled Error

Rocky Linux Help & Support
1

In following this Generating SSL Keys I get this error:

Verifying - Enter pass phrase for domain.com.key.pass:
140461758793536:error:060800C8:digital envelope routines:EVP_DigestInit_ex:disabled for FIPS:crypto/evp/digest.c:135:

Does this mean I can’t does this with fips enabled, if so, how would I get this to work? Do I have to do this on a non-fips enable Rockey and would it work bring it over to my Development Rockey (FIPS) as well as the Production (FIPS)?

2

You need to make the kernel load the fips crypto information in order to have this work.

There is some documentation on how to do this here Chapter 5. Using system-wide cryptographic policies Red Hat Enterprise Linux 8 | Red Hat Customer Portal

1 Like