vmware.ansible_for_nsxt.nsxt_policy_group the ansible controller gives error "Received [digital envelope routines: EVP_DigestInit_ex] disabled for FIPS from NSX Manager."
search cancel

vmware.ansible_for_nsxt.nsxt_policy_group the ansible controller gives error "Received [digital envelope routines: EVP_DigestInit_ex] disabled for FIPS from NSX Manager."

book

Article ID: 377152

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

When attempting playbooks (https://github.com/vmware/ansible-for-nsxt) with the ansible modules

vmware.ansible_for_nsxt.nsxt_policy_segment,

vmware.ansible_for_nsxt.nsxt_policy_security_policy

and vmware.ansible_for_nsxt.nsxt_policy_group the ansible controller kicks back the error "Recieved [digital envelope routines: EVP_DigestInit_ex] disabled for FIPS from NSX Manager." 

Environment

Ansible with NSX 4.x

Cause

coding is set to use md5 instead of sha1.

Resolution

The path to this file on github is ansible-for-nsxt/plugins/module_utils/policy_communicator.py

File the value on line 209 was set to the below coding:        

return hashlib.md5(json.dumps(request, sort_keys=True).
                           encode('utf-8')).hexdigest()

The code needs to be changed to the following:

return hashlib.sha1(json.dumps(request, sort_keys=True).
                           encode('utf-8')).hexdigest()

Powered by Wolken Software