LDAP Authentication fails in OpenShift 4 with "unexpected response: 500" error when FIPS is enabled


Issue

  • oc login fails when using AD or LDAP authentication if FIPS is enabled:
I0731 12:30:21.115963    1271 helpers.go:216] server response object: [{
  "metadata": {},
  "status": "Failure",
  "message": "Internal error occurred: unexpected response: 500",
  "reason": "InternalError",
  "details": {
    "causes": [
      {
        "message": "unexpected response: 500"
      }
    ]
  },
  "code": 500
}]
F0731 12:30:21.115994    1271 helpers.go:115] Error from server (InternalError): Internal error occurred: unexpected response: 500
  • A connection reset error is logged in the OAuth pod when the authentication fails:
E0804 12:04:37.741466       1 basicauth.go:46] Error authenticating login "ad-user" with provider "ActiveDirectory": LDAP Result Code 200 "Network Error": read tcp 10.x.x.x:45308->131.x.x.x:636: read: connection reset by peer
I0804 12:04:37.741517       1 authenticator.go:49] OAuth authentication error: LDAP Result Code 200 "Network Error": read tcp 10.x.x.x:45308->131.x.x.x:636: read: connection reset by peer

Environment

  • Red Hat OpenShift Container Platform (OCP)
    • 4.x
