App doesn't support FIPS mode
#2 Updated by Luke Murphey over 3 years ago
Before you start Splunk Enterprise for the first time, edit $SPLUNK_HOME/etc/splunk-launch.conf to add the following line: SPLUNK_FIPS=1
#6 Updated by Luke Murphey over 3 years ago
I'm seeing an error when I run the app:
fips_md.c OpenSSL internal error, assertion failed: Digest update previous FIPS forbidden algorithm error ignored Aborted (core dumped)
What is odd is that the unit test don't detect this because running "splunk cmd python" doesn't run Python in FIPS mode. The following works on a FIPS Splunk instance:
import hashlib hashlib.md5("test").hexdigest()
Neither hashlib.algorithms_available nor hashlib.algorithms_guaranteed indicate that MD5 is not available even in the code running with OpenSSL in FIPS mode.
#9 Updated by Luke Murphey over 3 years ago
Might be able to use this code to determine if OpenSSL is in FIPS mode too.