LDAP auth broken with recent patch? FIPS mode breaks openjdk crypto

Gotcha,

Since Mongo holds all the metadata, have you checked your ldap_settings in MongoDB?
By chance, did Java also get updated during your recent update?

Read my latest updated post

VERIFIED…

```
fips-mode-setup --disable
reboot
```

Fixed

Now what, if you need FIPS to be federally compliant? I guess possibly you need a paid Java solution with FIPS support?


:+1: Thanks for posting the resolution.

Here is a relevant reference on the topic. May take the Graylog devs to implement something, or it may require disabling FIPS in Java if FIPS is enabled in the OS.

I'm actually curious about this situation. Correct me if I'm wrong, but did you have FIPS enabled on the OS level and then enable it also on the software level? Or was this just enabled on the software level and then it failed with LDAP?

Enabled FIPS at boot time with a kernel arg. Read the RHEL document, it seems OpenJDK picks up the fips boot mode and acts accordingly. This broke the Graylog LDAP. It seems you can force OpenJDK not to follow the boot env and disable it. But that sort of defeats the purpose.
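An added example, not part of any post in this thread: a POSIX shell check that classifies a Java service against the kernel's FIPS flag, so an audit can tell a JVM that follows the host from one that was opted out. It assumes the Red Hat OpenJDK system property `com.redhat.fips` (taken from Red Hat's OpenJDK documentation, not named in the thread); the function names are hypothetical and the option strings are constructed samples.

```shell
#!/bin/sh
# Added example: relate a JVM's options to the host FIPS state.
# The flag file is a parameter so the logic can run on constructed files.

# host_fips_enabled FLAG_FILE -> prints 1 or 0
# On a real host FLAG_FILE is /proc/sys/crypto/fips_enabled.
host_fips_enabled() {
    if [ -r "$1" ]; then
        tr -d '[:space:]' < "$1"
    else
        echo 0
    fi
}

# jvm_fips_property "JAVA_OPTS" -> value of the last -Dcom.redhat.fips=...
# (the JVM keeps the last definition of a property), or "unset".
jvm_fips_property() {
    value=unset
    for opt in $1; do
        case $opt in
            -Dcom.redhat.fips=*) value=${opt#-Dcom.redhat.fips=} ;;
        esac
    done
    echo "$value"
}

# classify FLAG_FILE "JAVA_OPTS"
#   host-not-fips    : kernel not in FIPS mode, nothing for the JVM to follow
#   jvm-follows-host : JVM inherits FIPS restrictions (the breakage case above)
#   jvm-opted-out    : JVM explicitly ignores host FIPS mode (compliance gap)
# Only the documented value "false" is treated as an opt-out.
classify() {
    if [ "$(host_fips_enabled "$1")" != "1" ]; then
        echo host-not-fips
    elif [ "$(jvm_fips_property "$2")" = "false" ]; then
        echo jvm-opted-out
    else
        echo jvm-follows-host
    fi
}

# Stand-alone use: check this host against a constructed sample option string.
classify /proc/sys/crypto/fips_enabled "-Xms1g -Xmx1g"
```

On a FIPS host, `jvm-opted-out` is the state worth alerting on, since the service then runs outside the host's crypto policy.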

This broke my GitLab setup as well, as it turns out. It also uses Java. :face_vomiting:


Thank you for your reply. This is good to know.
