Someone has a service that uses a FIPS non-compatible hash in a protocol signature. When FIPS 140-2 compatibility is enabled on the hosts the service crashes (due to the hash signature being not allowed by the security configuration of the host). A way to get around this is to put the service in a Docker container on the FIPS compatible host. It works, but is it ok from a FIPS compatibility point of view? If not, why?
Go to Source