After enabling FIPS compliant algorithms, we cant create new organizations. is there a way to make this work?
By creating :
Server was unable to process request. ---> Error executing 'CREATE_ORG' task on 'testdom.local' ORGANIZATION ---> Server was unable to process request. ---> Exception has been thrown by the target of an invocation. ---> This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
Audit Log / Execution log :
Server was unable to process request. ---> Exception has been thrown by the target of an invocation. ---> This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at SolidCP.EnterpriseServer.OrganizationController.RollbackOrganization(Int32 packageId, String organizationId)
Server was unable to process request. ---> Exception has been thrown by the target of an invocation. ---> This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at SolidCP.Providers.HostedSolution.Organizations.OrganizationExists(String organizationId)
at SolidCP.EnterpriseServer.OrganizationController.CreateOrganization(Int32 packageId, String organizationId, String organizationName, String domainName)
Kind Regards,
Robin
Hello,
I cannot say we have ever tried to use SolidCP with FIPS enabled. Do note that Microsoft does no longer recommend its enabled (Or to disable it if enabled for that matter) to see the reasons why please see this blog: https://blogs.technet.microsoft.com/secguide/2014/04/07/why-were-not-recommending-fips-mode-anymore/ . As SolidCP is a .NET Framework application this could be causing the issues.
That being said i would make sure SolidCP Server is installed on a AD account with the correct permissions needed and make sure in the Configuration -> Servers -> Settings under Active Directory Settings you have it set to:
Security Mode: Use Active Directory Accounts
Authentication Type:None
Root domain:<Your Domain>
Username and Password should remain blank.
This will hopefully fix the issue for you.
Kind Regards,
Trevor Robinson
Hi Trevor,
Based on the informatie of the provided link, I advised the customer to change the FIPS setting and they agreed. Problem resolved 🙂
Robin
