Why does "FreeRDP" crashes on RHEL system in FIPS mode.

Solution In Progress - Updated -

Issue

  • FIPS mode is enabled on Red Hat Enterprise Linux and Microsoft Window Server is configured to require FIPS-compliant encryption. When trying to connect to Windows 2008 Server from RHEL6, Xfreerdp is getting crashing on the system.
]$ /usr/bin/xfreerdp -u USERNAME -d SERVER_IP-OR_NAME

connected to SERVER_IP:3389
Password: 
Certificate details:
    Subject: C = XX, ST = XXXXX, L = XXXXX, O = XXXXX, OU = XXXXXX, CN = XXXXXXX
    Issuer: DC = xxx, DC = xxx, DC = xxxx, DC = xxxx, CN = xxxx
    Thumbprint: yy:da:yy:46:yy:49:yy:8a:yy:5f:yy:91:yy:cc:c7:yy:6d:yy:47
The above X.509 certificate could not be verified, possibly because you do not have the CA certificate 
in your certificate store, or the certificate has expired. Please look at the documentation on how to 
create local certificate store for a private CA. Do you trust the above certificate? (Y/N) Y
md4_dgst.c(74): OpenSSL internal error, assertion failed: Digest MD4 forbidden in FIPS mode!
Aborted (core dumped)
  • If FIPS encryption is disabled on the system, users are able to access the Windows systems without any issue.
  • Users has tried different security protocols with xfreerdp(eg: --sec tls, --sec rdp), but nothing helped.

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • freerdp-1.0.2-5.el6 and above

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In