Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Chef embedded ruby is not linked with system openssl FIPS mode #8620
On Kernel level FIPS enabled server, chef embedded ruby is not linked with system openssl, it gives OpenSSL.fips_mode as false.
Whereas same thing for system ruby, it checks system openssl and gives OpenSSL.fips_mode as true.
We are concern about this, because even though chef-client runs in FIPS mode ON, some shell/ruby scripts which are run using chef embedded ruby, it sets FIPS mode to false as default.
CentOS Linux release 7.6.1810 (Core)