Rails 4.2.6 禁用 MD5 以符合 FIPS
Rails 4.2.6 disable MD5 for FIPS compliance
如何在 Rails 4.2.6 和 Ruby 2.2+ 中禁用 MD5 和其他不符合 FIPS 的算法?
Started GET "/" for ::1 at 2016-04-12 11:00:52 -0400 Processing by
Rails::WelcomeController#index as / Rendered
/usr/local/rvm/gems/ruby-2.2.4/gems/railties-4.2.6/lib/rails/templates/rails/welcome/index.html.erb
(0.9ms) Completed 200 OK in 20ms (Views: 6.5ms | ActiveRecord: 0.0ms)
md5_dgst.c(78): OpenSSL internal error, assertion failed: Digest MD5
forbidden in FIPS mode! Aborted (core dumped)
这已在 Rails 5.2 中解决。参见 https://github.com/rails/rails/issues/31203。新应用现在应该默认兼容,升级后的应用可以使用 Rails.application.config.active_support.use_sha1_digests = true
如何在 Rails 4.2.6 和 Ruby 2.2+ 中禁用 MD5 和其他不符合 FIPS 的算法?
Started GET "/" for ::1 at 2016-04-12 11:00:52 -0400 Processing by Rails::WelcomeController#index as / Rendered /usr/local/rvm/gems/ruby-2.2.4/gems/railties-4.2.6/lib/rails/templates/rails/welcome/index.html.erb
(0.9ms) Completed 200 OK in 20ms (Views: 6.5ms | ActiveRecord: 0.0ms) md5_dgst.c(78): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode! Aborted (core dumped)
这已在 Rails 5.2 中解决。参见 https://github.com/rails/rails/issues/31203。新应用现在应该默认兼容,升级后的应用可以使用 Rails.application.config.active_support.use_sha1_digests = true