On 21/06/2022 19:45, Rob Crittenden wrote:
It seems to be an interop problem between the server and client. The
RHEL 9 server is wrapping the secret with AES but the client is trying
to use TripleDES (and only supports 3DES).
Upstream ticket https://pagure.io/freeipa/issue/6524 changed from a
hardcoded wrapping algorithm to be more flexible but this is apparently
not backwards compatible.
I'm not deeply familiar with this wrapping code so I don't know if there
is a workaround yet.
Any chance you can file a RHEL-8 bug against ipa for this while I
continue looking?
thanks
rob
Thanks Rob, here you go
https://bugzilla.redhat.com/show_bug.cgi?id=2100115
--
Sam Morris <https://robots.org.uk/>
PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
