Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-3114

Puppet needs to use default keylength 2048 on FIPS enabled systems

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Won't Fix
    • Affects Version/s: PUP 2.7.25, PUP 3.6.2
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Environment:

      Any system that is FIPS enabled at boot time.

    • Template:
    • Team:
      Platform Core

      Description

      FIPS 140-2 does not allow for the use of 4096 bit keys. Therefore, the initial certificate generation of a key using a key length > 2048 bits will fail.

      Any system that is FIPS enabled, should use a 2048 bit key when generating the initial CA and server certificates.

        Attachments

          Activity

            People

            Assignee:
            jayant.sane Jayant Sane
            Reporter:
            peiriannydd Trevor Vaughan
            QA Contact:
            Kurt Wall
            Votes:
            1 Vote for this issue
            Watchers:
            11 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Zendesk Support