Jota Martos created ZOOKEEPER-4973:
--------------------------------------
Summary: fips-mode parameter in the configuration doesn't work as
expected
Key: ZOOKEEPER-4973
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4973
Project: ZooKeeper
Issue Type: Task
Components: java client, security, server
Affects Versions: 3.9.4
Reporter: Jota Martos
When using Zookeeper 3.9.4, I was trying to disable FIPS by setting the
"fips-mode" parameter to false in the configuration as described in [the
documentation|https://zookeeper.apache.org/doc/r3.9.4/zookeeperAdmin.html].
{code}
$ cat /path/to/zoo.cfg
...
fips-mode=false
...
{code}
However, that doesn't disable FIPS and I get errors when trying to configure
authentication
{code}
zookeeper-1 | 2025-09-03 12:00:10,219 [myid:localhost:2181] - INFO
[main-SendThread(localhost:2181):o.a.z.Login@332] - Client successfully logged
in.
zookeeper-1 | 2025-09-03 12:00:10,220 [myid:localhost:2181] - WARN
[main-SendThread(localhost:2181):o.a.z.u.SecurityUtils@75] - Client will not
use DIGEST-MD5 as SASL mechanism, because FIPS mode is enabled.
zookeeper-1 | 2025-09-03 12:00:10,220 [myid:localhost:2181] - INFO
[main-SendThread(localhost:2181):o.a.z.ClientCnxn$SendThread@1170] - Opening
socket connection to server localhost/127.0.0.1:2181.
{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
