LDAP Authentication fails in OpenShift 4 with "unexpected response: 500" error when FIPS is enabled

Solution Verified

Issue

  • oc login fails when using AD or LDAP authentication if FIPS is enabled:
I0731 12:30:21.115963    1271 helpers.go:216] server response object: [{
  "metadata": {},
  "status": "Failure",
  "message": "Internal error occurred: unexpected response: 500",
  "reason": "InternalError",
  "details": {
    "causes": [
      {
        "message": "unexpected response: 500"
      }
    ]
  },
  "code": 500
}]
F0731 12:30:21.115994    1271 helpers.go:115] Error from server (InternalError): Internal error occurred: unexpected response: 500
  • A connection reset error is logged in the OAuth pod when the authentication fails:
E0804 12:04:37.741466       1 basicauth.go:46] Error authenticating login "ad-user" with provider "ActiveDirectory": LDAP Result Code 200 "Network Error": read tcp 10.x.x.x:45308->131.x.x.x:636: read: connection reset by peer
I0804 12:04:37.741517       1 authenticator.go:49] OAuth authentication error: LDAP Result Code 200 "Network Error": read tcp 10.x.x.x:45308->131.x.x.x:636: read: connection reset by peer

Environment

  • Red Hat OpenShift Container Platform (OCP)
    • 4.x
