"McDermott, Becky" <bmcderm@xxxxxxxxxx> writes: > We have a requirement to run all of our applications on FIPS enabled hosts. Is it possible to install and successfully run postgreql on a FIPS enabled host? We do test that case from time to time, but not regularly. > We currently run postgres ina container that is executing on a FIPS enabled host with the setting: password_encryption = scram-sha-256 > And none of our Java clients can connect to the postgresql database. If we run postgresql on a non-FIPS enabled host, everything works fine. It sounds like something thinks that scram-sha-256 encryption is disallowed by FIPS. That may or may not be accurate. If it's supposed to be allowed, you'd need to poke a little harder to narrow down where the problem is. (Digging in our commit logs, it looks like version 14.2 has some changes that might make this work better than it did in older versions; but I can't tell from the log messages whether the issue being fixed was new-in-14 or not.) regards, tom lane
