Hi,
I am new to this list, please forgive me if I am submitting the following to the wrong place.
We've just installed pgAdmin4 web on RHEL7.9.
Once we started the httpd service, we couldn't login the system, the webpage spins forever.
The error message is attached below.
The RHEL 7.9 we use has FIPS enabled, e.g. cat /proc/sys/crypto/fips_enabled has a value of 1.
It seems the version of pgAdmin4, 6.21, still uses MD5, which is not allowed by FIPS.
I'd highly appreciate if anyone could let us know:
1. Is there a version of pgAdmin4 on RHEL 7.9 that supports FIPS?
2. Is there any plan down the road that pgAdmin4 would support FIPS on RHEL 7.9?
3. Is there any way to get around the issue?
Many thanks in advance,
==============Error msg in pgadmin log file =========================
2023-05-16 03:04:13,593: ERROR pgadmin: [digital envelope routines: EVP_DigestInit_ex] disabled for fips
Traceback (most recent call last):
File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/app.py", line 1516, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/app.py", line 1502, in dispatch_request
Connection to 10.138.182.10 closed by remote host.le.endpoint])(**req.view_args)
Connection to 10.138.182.10 closed.thon3.6/site-packages/flask_login/utils.py", line 272, in decorated_view
[daxu@ip-192-168-40-129 ~]$ rgs)
File "/usr/pgadmin4/web/pgadmin/browser/__init__.py", line 634, in utils
current_ui_lock=current_ui_lock
File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/templating.py", line 150, in render_template
ctx.app,
File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/templating.py", line 128, in _render
rv = template.render(context)
File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/jinja2/environment.py", line 1291, in render
self.environment.handle_exception()
File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/jinja2/environment.py", line 925, in handle_exception
raise rewrite_traceback_stack(source=source)
File "/usr/pgadmin4/web/pgadmin/browser/templates/browser/js/utils.js", line 119, in top-level template code
gravatar: {% if config.SHOW_GRAVATAR_IMAGE %}'{{ username | gravatar }}'{% else %}''{% endif %},
File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask_gravatar/__init__.py", line 151, in __call__
hash = hashlib.md5(email.encode('utf-8')).hexdigest()
ValueError: [digital envelope routines: EVP_DigestInit_ex] disabled for fips
Daxu Yin
410-340-5842
410-340-5842
On Thursday, May 25, 2023 at 09:03:19 AM EDT, Ron <ronljohnsonjr@xxxxxxxxx> wrote:
On 5/25/23 03:21, Ravi GH wrote:
> Hello PG Admins , Team :)
>
> We have enabled SSL Based replication & connection from Application to
> PostgreSql DB using SSL via pgbouncer.
>
> My Question is in regard to implementing DataBase Encryption.
>
> Background : We are using PostgreSql DB for Atlassian Bitbucket Application.
> We want to implement encryption for databases at
> system level ( it can be at rest (archive)
PgBackRest can encrypt it's backups using AES-256.
> or while retrieving (accessing it)).
>
> Seeking guidance in this regard on How to enable DataBase Encryption of
> Postgresql DB. Can anyone guide me in this regard or share a few pointers
> pages on "How to enable it" or any 3rd party tools that can do ths.
>
> Thanks & Regards,
> Ravi
--
Born in Arizona, moved to Babylonia.
> Hello PG Admins , Team :)
>
> We have enabled SSL Based replication & connection from Application to
> PostgreSql DB using SSL via pgbouncer.
>
> My Question is in regard to implementing DataBase Encryption.
>
> Background : We are using PostgreSql DB for Atlassian Bitbucket Application.
> We want to implement encryption for databases at
> system level ( it can be at rest (archive)
PgBackRest can encrypt it's backups using AES-256.
> or while retrieving (accessing it)).
>
> Seeking guidance in this regard on How to enable DataBase Encryption of
> Postgresql DB. Can anyone guide me in this regard or share a few pointers
> pages on "How to enable it" or any 3rd party tools that can do ths.
>
> Thanks & Regards,
> Ravi
--
Born in Arizona, moved to Babylonia.