Why does "FreeRDP" crashes on RHEL system in FIPS mode.
Issue
- FIPS mode is enabled on Red Hat Enterprise Linux and Microsoft Window Server is configured to require FIPS-compliant encryption. When trying to connect to Windows 2008 Server from RHEL6, Xfreerdp is getting crashing on the system.
]$ /usr/bin/xfreerdp -u USERNAME -d SERVER_IP-OR_NAME
connected to SERVER_IP:3389
Password:
Certificate details:
Subject: C = XX, ST = XXXXX, L = XXXXX, O = XXXXX, OU = XXXXXX, CN = XXXXXXX
Issuer: DC = xxx, DC = xxx, DC = xxxx, DC = xxxx, CN = xxxx
Thumbprint: yy:da:yy:46:yy:49:yy:8a:yy:5f:yy:91:yy:cc:c7:yy:6d:yy:47
The above X.509 certificate could not be verified, possibly because you do not have the CA certificate
in your certificate store, or the certificate has expired. Please look at the documentation on how to
create local certificate store for a private CA. Do you trust the above certificate? (Y/N) Y
md4_dgst.c(74): OpenSSL internal error, assertion failed: Digest MD4 forbidden in FIPS mode!
Aborted (core dumped)
- If FIPS encryption is disabled on the system, users are able to access the Windows systems without any issue.
- Users has tried different security protocols with xfreerdp(eg: --sec tls, --sec rdp), but nothing helped.
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- freerdp-1.0.2-5.el6 and above
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.