Comments 9 Posted In Red Hat Enterprise Linux error "Unable to verfify server identity (SSL) malloc failure Latest response 2019-08-14T21:41:02+00:00 v8.1 beta after installation unable to complete subscription registration error. Hence cannot use the OS, please help. SS Started 2019-08-13T19:52:14+00:00 by Samir Shaik Community Member 20 points Log in to join the conversation Responses Sort By Oldest Sort By Newest Guru 12760 points 13 August 2019 8:50 PM RJ Hinton Community Leader Hi Samir Shaik, Can you give us some details on the specific error you received? I am curious if you are using FIPS by chance? Regards, RJ SS Community Member 20 points 14 August 2019 4:14 PM Samir Shaik Looks like same symptom as per the link. root@rhel#sysctl crypto.fips_enabled crypto.fips_enabled = 1 File "/usr/lib64/python3.6/http/client.py", line 974, in send self.connect() File "/usr/lib64/python3.6/http/client.py", line 1415, in connect server_hostname=server_hostname) File "/usr/lib64/python3.6/ssl.py", line 365, in wrap_socket _context=self, _session=session) File "/usr/lib64/python3.6/ssl.py", line 773, in init self.do_handshake() File "/usr/lib64/python3.6/ssl.py", line 1033, in do_handshake self._sslobj.do_handshake() File "/usr/lib64/python3.6/ssl.py", line 645, in do_handshake self._sslobj.do_handshake() ssl.SSLError: [SSL] malloc failure (_ssl.c:877) 2019-08-13 23:38:13,865 [ERROR] subscription-manager:9866:MainThread @managercli.py:215 - Error during registra tion: [SSL] malloc failure (_ssl.c:877) 2019-08-13 23:38:13,866 [ERROR] subscription-manager:9866:MainThread @managercli.py:216 - [SSL] malloc failure (_ssl.c:877) [root@rhel8 ~]# Guru 12760 points 13 August 2019 8:51 PM RJ Hinton Community Leader Please let us know the output of this command, please run this as root: sysctl crypto.fips_enabled SS Community Member 20 points 14 August 2019 5:39 PM Samir Shaik root@rhel#sysctl crypto.fips_enabled crypto.fips_enabled = 1 Guru 12760 points 13 August 2019 9:00 PM RJ Hinton Community Leader Please make sure time synchronization is correct according to this. I doubt this is an issue but am posting it here just in case.. If none of this helps, please post the precise error (Maybe that's the error in the subject line of this discussion you started?). Please let us know how this goes Regards RJ SS Community Member 20 points 14 August 2019 4:14 PM Samir Shaik is this a bug in this version? any ETA for a fix. Guru 12760 points 14 August 2019 5:48 PM RJ Hinton Community Leader Hi Samir Shaik, I suspect the bug is the one I discovered and mentioned in a previous post. I'm curious if your system might be affected by this bug, I'd imagine so. I do not work for Red Hat, so I don't know the ETA. That being said, the Bugzilla is listed as "urgent" Please run these commands on your system, and see if they resemble/match the output at this Bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=1728361 rpm -q subscription-manager openssl crypto-policies kernel update-crypto-policies --show cat /etc/crypto-policies/back-ends/openssl.config cat /etc/crypto-policies/back-ends/opensslcnf.config cat /etc/crypto-policies/back-ends/nss.config getenforce rpm -q platform-python Does this log /var/log/rhsm/rhsm.log contain any similar output to this bug https://bugzilla.redhat.com/show_bug.cgi?id=1728361? Something you can do is at grub, change "fips=1" to "fips=0" for a one-time boot then attempt to register your system as you normally would. Then reboot afterwards to enter FIPS mode. Let us know Regards RJ Guru 12760 points 14 August 2019 5:53 PM RJ Hinton Community Leader Samir Shaik, If you post any output etc, please put it between two instances of tilde characters such as below. ~~~ your code goes here ~~~ More info on formatting at this link Thanks RJ Active Contributor 142 points 14 August 2019 9:41 PM Panos Asproulis I experienced the same problem with both 8.0 and 8.1 beta. I was installing the Workstation option and I managed to overcome this problem when installing additional packages from the ISO installer. I chose to install basically everything under the Workstation option except for servers and support for secure cards. After that I could complete the registration without this problem. You may want to try this approach before some fix is applied.