pgAdmin4 v6.21 on RHEL7.9 with FIPS enabled

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I am new to this list, please forgive me if I am submitting the following to the wrong place.

We've just installed pgAdmin4 web on RHEL7.9.
Once we started the httpd service, we couldn't login the system, the webpage spins forever.
The error message is attached below.
The RHEL 7.9 we use has FIPS enabled, e.g. cat /proc/sys/crypto/fips_enabled has a value of 1.

It seems the version of pgAdmin4, 6.21, still uses MD5, which is not allowed by FIPS.

I'd highly appreciate if anyone could let us know:

1. Is there a version of pgAdmin4 on RHEL 7.9 that supports FIPS?
2. Is there any plan down the road that pgAdmin4 would support FIPS on RHEL 7.9?
3. Is there any way to get around the issue?

Many thanks in advance,

==============Error msg in pgadmin log file =========================
2023-05-16 03:04:13,593: ERROR  pgadmin:        [digital envelope routines: EVP_DigestInit_ex] disabled for fips
Traceback (most recent call last):
  File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/", line 1516, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/", line 1502, in dispatch_request
Connection to closed by remote host.le.endpoint])(**req.view_args)
Connection to closed.thon3.6/site-packages/flask_login/", line 272, in decorated_view
[daxu@ip-192-168-40-129 ~]$ rgs)
  File "/usr/pgadmin4/web/pgadmin/browser/", line 634, in utils
  File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/", line 150, in render_template,
  File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask/", line 128, in _render
    rv = template.render(context)
  File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/jinja2/", line 1291, in render
  File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/jinja2/", line 925, in handle_exception
    raise rewrite_traceback_stack(source=source)
  File "/usr/pgadmin4/web/pgadmin/browser/templates/browser/js/utils.js", line 119, in top-level template code
    gravatar: {% if config.SHOW_GRAVATAR_IMAGE %}'{{ username | gravatar }}'{% else %}''{% endif %},
  File "/usr/pgadmin4/venv/lib64/python3.6/site-packages/flask_gravatar/", line 151, in __call__
    hash = hashlib.md5(email.encode('utf-8')).hexdigest()
ValueError: [digital envelope routines: EVP_DigestInit_ex] disabled for fips

Daxu Yin

On Thursday, May 25, 2023 at 09:03:19 AM EDT, Ron <ronljohnsonjr@xxxxxxxxx> wrote:

On 5/25/23 03:21, Ravi GH wrote:
> Hello PG Admins , Team :)
> We have enabled SSL Based replication & connection from Application to
> PostgreSql DB using SSL via pgbouncer.
> My Question is in regard to implementing DataBase Encryption.
> Background : We are using PostgreSql DB for Atlassian Bitbucket Application.
>                        We want to implement encryption for databases at
> system level (  it can be at rest (archive)

PgBackRest can encrypt it's backups using AES-256.

> or while retrieving (accessing it)).
> Seeking guidance in this regard on How to enable DataBase Encryption of
> Postgresql DB. Can anyone guide me in this regard or share a few pointers
> pages on "How to enable it" or any 3rd party tools that can do ths.
> Thanks & Regards,
> Ravi

Born in Arizona, moved to Babylonia.

[Index of Archives]     [Postgresql Home]     [Postgresql General]     [Postgresql Performance]     [Postgresql PHP]     [Postgresql Jobs]     [PHP Users]     [PHP Databases]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Yosemite Forum]

  Powered by Linux