Registration on Red Hat Satellite 6 fails when RHEL 9 client has FIPS with a DEFAULT or FUTURE crypto policy enabled
Issue
- Registration with
Red Hat Satellite
6 fails when RHEL 9 client hasFIPS
with a DEFAULT or FUTURE crypto policy enabled. -
Running any
subscription-manager
oryum
command on RHEL 9Content-hosts
registered withRed Hat Satellite
fails with the following error:ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: CA signature digest algorithm too weak (_ssl.c:1129)
SSL certificate problem: EE certificate key too weak Unable to verify server's identity: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)`
Environment
- Red Hat Satellite 6.11
- Red Hat Enterprise Linux 9
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.