RHEL 9 cryptography policy


A check (RHEL-09-672045) in the RHEL 9 STIG verifies that the configured policy matches the generated policy. The full check text is pasted below. FIPS is enabled on the host. However, it returns "The configured policy does NOT match the generated policy". What would the issue be, and how can it be fixed?

$ sudo update-crypto-policies --show

FIPS

If the cryptography is not set to "FIPS" and is not applied, this is a finding.

$ sudo update-crypto-policies --check

The configured policy matches the generated policy

If the command does not return "The configured policy matches the generated policy", this is a finding.

Responses