Reputation: 3083
Running a .NET Core app on IIS 8.5 with FIPS enabled cause 500 error
I have a net core web application using windows authentication which i'm running on a windows server 2012 R2 machine under IIS 8.5. When trying to reach it I get:
InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. System.Security.Cryptography.SHA256Managed..ctor()
given app.UseBrowserLink(); & app.UseDeveloperExceptionPage(); are used in Startup.cs otherwise I just get a 500 internal server error showing a blank screen.
If I disable FIPS (control panel -> administrative tools -> local security policy -> local policies -> security options -> "System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing") I can reach the site and windows authentication is working correctly.
So my question is why is using FIPS causing this error when hosting a net core app on IIS 8.5? Currently I don't have a requirement to use FIPS but that might change in the future.
Upvotes: 1
Views: 929
Answers (1)
Reputation: 181
Repro app is an ASP.NET 5 RC1 app, which uses dnx and dnu. Dnu restore uses code from NuGet2 which uses SHA256Managed class triggering IOE under FIPS.
ASP.NET Core RC2 uses nuget V3 which shouldn't have this problem so when you port your app to RC2, you should be good from FIPS perspective.
Upvotes: 2
Related Questions
- 500 Error when setting up Swagger in asp .net CORE / MVC 6 app
- Asp.Net Core Windows Authentication Not Working in IIS
- Computing SHA1 with ASP.NET Core
- .NET Core App | IIS | HTTP Error 500 - Could not load configuration. Exception message: Attribute 'processPath' is required
- Windows Authentication using Blazor with .Net Core WebApi
- .Net Core and Windows Authentication in IIS 8 Failing