Title: #482: Don't count service/host/user cert md5 fprints in FIPS
I don't think that this is a good way how to handle backward compatibility.
With FIPS mode enabled there is no md5 backward compatibility and users should
adapt their automation. In case that IPA API is used directly it will contain
a garbage and it may not be catched faster enough by any automation on user
side. We should not provide anything related to md5 under FIPS mode and let any
possible automation using IPA API to fail early on missing values.
See the full comment at
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code