List OpenSSL providers available when FIPS mode can't be honored #1774
Description
We have seen several teams using AZL3 using an incorrect OpenSSL configuration, mostly because the /etc/pki folder has been mounted from the container host. The host might not know about OpenSSL 3 or SCOSSL, so the result is that OpenSSL might not use SCOSSL, but the default build-in providers. This issue is tricky to debug and even to detect, as the default build-in provider are supported by Microsoft Go.
The easiest way to detect this situation is running the application with GODEBUG=fips140=on, in which case the application will panic at start time because the default built-in provider doesn't support FIPS mode.
One thing we could do to facilitate debugging OpenSSL instanced that can't honor FIPS mode os to list the available OpenSSL providers. This way it will be more obvious that SCOSSL is not available.