Conjur does not start with an external Postgres database due to OpenSSL internal error, assertion failed: Low level API call to digest SHA256 forbidden in FIPS mode #177
Description
Summary
Conjur does not start with an external Postgres database due to OpenSSL internal error, assertion failed: Low level API call to digest SHA256 forbidden in FIPS mode
Steps to Reproduce
- Create a database on a remote Postgresql server
- Deploy Conjur OSS chart with database.url parameter:
helm install -n conjur --set dataKey="<DATA_KEY>" --set database.url="postgres://conjur:mysecretpwd@pghost:5432/conjur" conjur ./conjur-oss
Expected Results
Conjur pod connects to the database url
Actual Results
The Conjur Pod produces error message :
sha256.c(34): OpenSSL internal error, assertion failed: Low level API call to digest SHA256 forbidden in FIPS mode!
error: no implicit conversion from nil to integer
Sequel::Postgres::Database (0.4ms) SET standard_conforming_strings = ON
Sequel::Postgres::Database (0.3ms) SET client_min_messages = 'WARNING'
Sequel::Postgres::Database (0.3ms) SET DateStyle = 'ISO'
Feature 'pkce_support' enabled by default
Then the pod restarts, produces the same message and so on.
Reproducible
- Always
- Sometimes
- Non-Reproducible
Version/Tag number
image:
repository: cyberark/conjur # https://hub.docker.com/r/cyberark/conjur/
tag: 'latest'
pullPolicy: Always
nginx:
image:
repository: nginx # https://hub.docker.com/_/nginx/
tag: '1.15'
pullPolicy: Always
Environment setup
K8s cluster version: 1.24
Tested in 3 different clusters with 2 different Postgresql servers
Additional Information
Everything starts fine with the embedded Postgres deployment.