I guess my Google-fu wasn't up to this one!
I have a system running CentOS 5.9 32-bit running in FIPS mode that I
would like to update. Unfortunately, it fails when attempting to run
"yum update". I've disabled all the repositories except for base
and
updates and still get the same issue, an error carping about an
algorithm forbidden by FIPS. Here's what I see:
> [root at ctsi1 proc]# yum --disablerepo=\* --enablerepo=updates,base update
> Loaded plugins: downloadonly, fastestmirror
> Loading mirror speeds from cached hostfile
> * base: mirror.beyondhosting.net
> * updates: yum.singlehop.com
> digest.c(151): OpenSSL internal error, assertion failed: Digest update
previous FIPS forbidden algorithm error ignored
> Aborted
> [root at ctsi1 proc]#
My searches seem to indicate that FIPS doesn't like MD5, which I thought
was pretty much essential to verifying the packages, but I saw no
documented work-arounds.
I've done a "yum clean all" (at least THAT works!) and it had no
effect.
I get the same error on "yum repolist", just in case you were
wondering. Grasping at other straws, I checked the system time, which
is correct (using NTP anyway).
Anybody got any ideas about how to work around this? I would really
rather NOT reboot in non-FIPS mode to update the system, then reboot in
FIPS mode, but if that's the only solution that's what I'll do.
Thanks!
--
Jay Leafey - jay.leafey at mindless.com
Memphis, TN
