[PUP-3114] Puppet needs to use default keylength 2048 on FIPS enabled systems - Puppet Jira Server

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Won't Fix
Affects Version/s: PUP 2.7.25, PUP 3.6.2
Fix Version/s: None
Component/s: None
Labels:
- DOCS
Environment:

Any system that is FIPS enabled at boot time.

Epic Link:
FIPS-Enabled Puppet
Team:
Platform Core

Description

FIPS 140-2 does not allow for the use of 4096 bit keys. Therefore, the initial certificate generation of a key using a key length > 2048 bits will fail.

Any system that is FIPS enabled, should use a 2048 bit key when generating the initial CA and server certificates.

Attachments

Activity

People

Assignee:: Jayant Sane

Reporter:: Trevor Vaughan

QA Contact:: Kurt Wall

Votes:: 1 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 2014/08/20 12:53 PM

Updated:: 2019/04/04 10:32 PM

Resolved:: 2018/01/03 1:15 PM