Red Hat Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

  • Comments
    • Tags

    RHEL 9 cryptography policy

    Posted on

    For a check (RHEL-09-672045) in the RHEL 9 STIG, it's for verifying the configured policy matches the generated policy. The full check text is pasted below. FIPS is enabled on the host. However, it returns "The configured policy does NOT match the generated policy". What would the issue be and how to fix?

    $ sudo update-crypto-policies --show

    FIPS

    If the cryptography is not set to "FIPS" and is not applied, this is a finding.

    $ sudo update-crypto-policies --check

    The configured policy matches the generated policy

    If the command does not return "The configured policy matches the generated policy", this is a finding.

    by

    points

    Responses

    Red Hat LinkedIn YouTube Facebook X, formerly Twitter

    Quick Links

    Help

    Site Info

    Related Sites

    © 2026 Red Hat