Symantec Endpoint Protection cafservicemain process produces SIGABRT core dump at service startup if FIPS mode is enabled.

You may see the following information in the system logs:

Jan 19 10:29:37 rhel-8.local.test systemd[1]: cafdaemon.service: Main process exited, code=killed, status=6/ABRT
Jan 19 10:29:37 rhel-8.local.test systemd[1]: cafdaemon.service: Failed with result 'signal'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- The unit cafdaemon.service has entered the 'failed' state with result 'signal'.
Jan 19 10:29:38 akm-rhel-8.akm.test systemd-coredump[1100544]: Process 694709 (cafservicemain) of user 1001 dumped core.

This issue affects Red Hat Enterprise Linux and CentOS systems running with FIPS mode enabled.

This issue affects Symantec Endpoint Protection 14.3 RU1 and later clients.

This issue is caused by an algorithm used by Symantec Endpoint Protection that is not compatible with FIPS mode.

Symantec Endpoint Protection 14.3 RU1 and newer is incompatible with Red Hat and CentOS's FIPS mode, and must be disabled for Symantec Endpoint Protection to function.