Reputation: 24316
Rails 4.2.6 disable MD5 for FIPS compliance
How does one disable MD5 and other non-FIPS compliant algorithms in Rails 4.2.6 and Ruby 2.2+?
Started GET "/" for ::1 at 2016-04-12 11:00:52 -0400 Processing by Rails::WelcomeController#index as / Rendered /usr/local/rvm/gems/ruby-2.2.4/gems/railties-4.2.6/lib/rails/templates/rails/welcome/index.html.erb
(0.9ms) Completed 200 OK in 20ms (Views: 6.5ms | ActiveRecord: 0.0ms) md5_dgst.c(78): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode! Aborted (core dumped)
Upvotes: 0
Views: 665
Answers (1)
Reputation: 3341
This has been addressed in Rails 5.2. See https://github.com/rails/rails/issues/31203. New apps should be compliant now by default and upgraded ones can use Rails.application.config.active_support.use_sha1_digests = true
Upvotes: 1
Related Questions
- Getting error: Peer authentication failed for user "postgres", when trying to get pgsql working with rails
- How to install Radius MFA on FIPS enabled Amazon Linux server
- FIPS mode causing Ruby on Rails app to fail because of MD5 digest/openssl issue?
- rails can't migrate: "don't know how to build task VERSION:0"
- Trouble with accepts_nested_attributes_for in Rails 5.0.0.beta3, -api option
- incompatible library version
- Rake aborted undefined method `each'
- Rails4 Sprockets; Asset logical path has no extension