Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-69991

Cannot start/run jenkins service with FIPS mode enabled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • core
    • None

      The server is enabled in FIPS mode:

      [user@ip-xyz ~]$ cat /proc/sys/crypto/fips_enabled
      1 

      Starting the jenkins service gives the following error:

      [user@ip-xyz ~]$ sudo systemctl start jenkins
      Job for jenkins.service failed because the control process exited with error code.
      See "systemctl status jenkins.service" and "journalctl -xe" for details. 

      Looking inside journalctl provides the following details:

      Nov 01 23:24:01 ip-xyz.ec2.internal systemd[1]: Starting Jenkins Continuous Integration Server...
      -- Subject: Unit jenkins.service has begun start-up
      -- Defined-By: systemd
      -- Support: https://access.redhat.com/support
      --
      -- Unit jenkins.service has begun starting up.
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]: Running from: /usr/share/java/jenkins.war
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]: Exception in thread "main" java.lang.InternalError: internal error: SHA-1 not available.
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/sun.security.provider.SecureRandom.init(SecureRandom.java:108)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/sun.security.provider.SecureRandom.<init>(SecureRandom.java:79)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/java.security.SecureRandom.getDefaultPRNG(SecureRandom.java:285)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/java.security.SecureRandom.<init>(SecureRandom.java:219)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/java.io.File$TempDirectory.<clinit>(File.java:1955)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/java.io.File.createTempFile(File.java:2111)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at executable.Main.extractFromJar(Main.java:470)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at executable.Main._main(Main.java:249)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at executable.Main.main(Main.java:116)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]: Caused by: java.security.NoSuchAlgorithmException: SHA MessageDigest not available
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/java.security.Security.getImpl(Security.java:779)
      Nov 01 23:24:01 ip-xyz.ec2.internal jenkins[36387]:         at java.base/java.security.MessageDigest.getInstance(MessageDigest.java:178)
      Nov 01 23:24:01 ip-xyz.internal jenkins[36387]:         at java.base/sun.security.provider.SecureRandom.init(SecureRandom.java:106)
      Nov 01 23:24:01 ip-xyz.internal jenkins[36387]:         ... 8 more
      Nov 01 23:24:01 ip-xyz.ec2.internal systemd[1]: jenkins.service: Main process exited, code=exited, status=1/FAILURE
      Nov 01 23:24:01 ip-xyz.ec2.internal systemd[1]: jenkins.service: Failed with result 'exit-code'.
      -- Subject: Unit failed
      -- Defined-By: systemd
      -- Support: https://access.redhat.com/support
      --
      -- The unit jenkins.service has entered the 'failed' state with result 'exit-code'.
      Nov 01 23:24:01 ip-xyz.ec2.internal systemd[1]: Failed to start Jenkins Continuous Integration Server.
      -- Subject: Unit jenkins.service has failed
      -- Defined-By: systemd
      -- Support: https://access.redhat.com/support
      --
      -- Unit jenkins.service has failed.
      --
      -- The result is failed. 

       

       

      This issue is present with a brand new installation of Jenkins. I have tried consulting this thread, which did not provide much help. Please let me know if there is any more detail that I can provide to assist with resolving this issue. Any guidance on running Jenkins with FIPS mode enabled is appreciated.

            Unassigned Unassigned
            manickam26 Manickam
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: