Hi everyone,
We're a relatively new team managing some RHEL 8 servers, and they were set up with FIPS mode enabled. However, earlier this year, FIPS mode got turned off unexpectedly, and we're trying to figure out the cause. We've been keeping up with regular vulnerability patching and implementing hardening policies lately. Can anyone shed some light on what might typically cause FIPS mode to disable itself? Also, if we want to turn it back on now, is there a significant risk involved? I've read that enabling FIPS can be tough if it wasn't set up from the start, but since it's been active for most of the servers' existence, is it safe to reinstate it?
2 Answers
It sounds like there might have been a change in your crypto policies, possibly related to Active Directory if you've joined a realm. RHEL doesn’t just turn off FIPS on its own, so something must have changed the settings. It's definitely worth checking those policies.
Is it common to have crypto policies reset after joining to Active Directory?
Have you checked the system and audit logs? They should give you a clearer picture of any changes made around the time FIPS was disabled.
Good question! I hadn’t considered the impact of AD changes on FIPS, so I appreciate the heads up.
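One way to run the check the answers point to, as an added example that is not part of the original thread: it compares the kernel's FIPS flag, the boot command line, and the active system-wide crypto policy, and reports when they disagree. The function names `fips_audit` and `read_trim` are hypothetical; the default paths are the standard RHEL 8 locations.

```shell
#!/bin/sh
# Added example (not from the thread). fips_audit and read_trim are
# hypothetical helper names; the default paths are the standard RHEL 8 ones.

# Print a file's contents with whitespace removed; fail if unreadable.
read_trim() { [ -r "$1" ] && tr -d '[:space:]' < "$1"; }

# Prints: kernel=<v> cmdline=<v> policy=<name> verdict=<state>
# Path arguments are optional so copies from another host can be checked.
fips_audit() (
    flag_file=${1:-/proc/sys/crypto/fips_enabled}
    cmdline_file=${2:-/proc/cmdline}
    policy_file=${3:-/etc/crypto-policies/state/current}

    # Kernel runtime view: 1 when the kernel is running in FIPS mode.
    kernel=$(read_trim "$flag_file") || kernel=
    # Boot loader view: was fips=1 passed on the kernel command line?
    if [ -r "$cmdline_file" ]; then
        case " $(cat "$cmdline_file") " in
            *" fips=1 "*) cmdline=1 ;;
            *)            cmdline=0 ;;
        esac
    else
        cmdline=
    fi
    # Userspace view: active system-wide crypto policy (FIPS, DEFAULT, ...).
    policy=$(read_trim "$policy_file") || policy=
    case "$policy" in
        FIPS|FIPS:*) policy_on=1 ;;
        "")          policy_on= ;;
        *)           policy_on=0 ;;
    esac

    # All three must agree; a mix means something changed one layer only.
    case "$kernel$cmdline$policy_on" in
        111)          verdict=enabled ;;
        000)          verdict=disabled ;;
        [01][01][01]) verdict=inconsistent ;;
        *)            verdict=unknown ;;
    esac
    echo "kernel=${kernel:-?} cmdline=${cmdline:-?} policy=${policy:-?} verdict=$verdict"
)

# On a live host, call with no arguments: fips_audit
```

A verdict of `inconsistent` with `policy=DEFAULT` while the kernel values are still 1 is the pattern a crypto-policy change would leave behind, and it narrows what to look for in the system and audit logs.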