Open mikedalton opened 6 months ago
I think the target for fixes should be fips-preview
instead of fips-updates
because the former contains the modules which are currently undergoing certification for Ubuntu 22.04 against FIPS 140-3.
Thanks for opening this issue. I've tried different configurations; none of them have worked and they produce the same error seen above.
I got bit by this one too.
HPE has a question on FIPS controls for Ubuntu 22.04 for running their FedRAMP environment and are asking for any insight into a timeline for resolution.
Any progress on this?
Describe the bug
When configuring an Ubuntu 22.04 Pro server with the
fips-updates
service enabled, the configuration fails with the errorThe signing token has no private key and cannot be used for signing.
To Reproduce Steps to reproduce the behavior:
sudo pro enable fips-updates
The signing token has no private key and cannot be used for signing.
Expected behavior The runner is able to configure and/or start normally.
Runner Version and Platform
Version of your runner?
2.314.1
OS of the machine running the runner? OSX/Windows/Linux/...
Ubuntu Pro 22.04 LTS
What's not working?
Job Log Output
N/A
Runner and Worker's Diagnostic Logs
Investigation
Following clues from the stack trace and error message, the failure appears to be happening in this section of the runner code, where it is attempted to determine whether or not there is a private key by attempting a signing operation. Failure of the signing operation (regardless of actual reason) is resulting in the assumption that there is no private key.