Top of Form
"Parser Error Message: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms." when .net page has debug="true"
Recently, I came across an issue an FIPS (Federal Information Processing Standards) related error on the .aspx pages which had debug="true".
Looking at the error, we know that there are articles like KB 911722 and a good blog - Enforcing FIPS Certified Cryptography which discuss the same issue.
In Windows Server 2008, the FIPS related registry key is:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy] "Enabled"=dword:00000000
With the setting "Enabled"=dword:00000000 we know the FIPS enforcement is disabled.
Check the Local Security Policy setting on the server, at Administrative Tools -> Local Security Policy -> Local Policies -> Security Options -> "System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing" and it showed that it was disabled.
on Windows Server 2003, the registry key for FIPS is
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "fipsalgorithmpolicy"=dword:00000001
Resolution:
- To resolve the customer's problem, we removed "fipsalgorithmpolicy"=dword:00000001 from [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa].
OR
- Disable the FIPS Policy in Web.Config : <enforceFIPSPolicy enabled="false"/>
No comments:
Post a Comment