search

nginxinc / kubernetes-ingress

NGINX and NGINX Plus Ingress Controllers for Kubernetes
https://docs.nginx.com/nginx-ingress-controller
Apache License 2.0
4.58k stars 1.96k forks source link

Unable to build FIPS compliant images with OpenSSL Base Provider 3.1.6 & OpenSSL FIPS Provider 3.0.9 #5913

Open shaun-nx opened 3 days ago

shaun-nx commented 3 days ago

Example nginx config:

events {
    worker_connections 1024;
}

http {
    server {
        listen 30000;
        server_name localhost;

        location / {
            root /usr/share/nginx/html;
            index index.html index.htm;
        }
    }
}

Output from NGINX config test:

# nginx -T
nginx: configuration file /etc/nginx/nginx.conf test failed

NGINX version:

# nginx -v
nginx version: nginx/1.25.5 (nginx-plus-r32)

Alpine version:

# cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.19.2
PRETTY_NAME="Alpine Linux v3.19"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"

Openssl version:

# apk info openssl
openssl-3.1.6-r0 description:
Toolkit for Transport Layer Security (TLS)

openssl-3.1.6-r0 webpage:
https://www.openssl.org/

openssl-3.1.6-r0 installed size:
732 KiB

fips module:

Providers:
  base
    name: OpenSSL Base Provider
    version: 3.1.6
    status: active
  fips
    name: OpenSSL FIPS Provider
    version: 3.0.9
    status: active
github-actions[bot] commented 3 days ago

Hi @shaun-nx thanks for reporting!

Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this :slightly_smiling_face:

Cheers!