"This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms." when addin an API key

Hi Octopus Team!
First of all: it’s a great product :wink:
We installed the current version 3.2.23 last week. The installation worked and we are able to log-in, create projects etc. When trying to add an API key we get following exception:

System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. at System.Security.Cryptography.SHA1Managed…ctor() at Octopus.Core.Model.Users.ApiKey.GetDocumentId(String apiKey) in Y:\work\refs\tags\3.2.22\source\Octopus.Core\Model\Users\ApiKey.cs:line 87 at Octopus.Core.Model.Users.ApiKey.Import(String userId, String purpose, String apiKey) in Y:\work\refs\tags\3.2.22\source\Octopus.Core\Model\Users\ApiKey.cs:line 68 at Octopus.Server.Web.Api.Actions.CreateApiKeyAction.Execute() in Y:\work\refs\tags\3.2.22\source\Octopus.Server\Web\Api\Actions\CreateApiKeyAction.cs:line 33 at Octopus.Server.Web.Infrastructure.Api.Responder`1.Respond(TDescriptor options, NancyContext context) in Y:\work\refs\tags\3.2.22\source\Octopus.Server\Web\Infrastructure\Api\Responder.cs:line 162 at System.Dynamic.UpdateDelegates.UpdateAndExecute3[T0,T1,T2,TRet](CallSite site, T0 arg0, T1 arg1, T2 arg2) at Octopus.Server.Web.Api.OctopusRestApiModule.<>c__DisplayClass0_0.<.ctor>b__0(Object o) in Y:\work\refs\tags\3.2.22\source\Octopus.Server\Web\Api\OctopusRestApiModule.cs:line 46 at Nancy.Routing.Route.<>c__DisplayClass4.b__3(Object parameters, CancellationToken context)

The service account running the Octopus Server is not a server administrator, but has only the priviliges needed (http://docs.octopusdeploy.com/display/OD/Permissions+required+for+the+Octopus+windows+service). We use Windows authentication on a Windows Server 2012 R2.

Thanks for any help!
Henk

Anyone?

Hi Henk,

Thanks for getting in touch! I actually had a conversation about this with the team and even created an issue for it. Then I didn’t remember to tell you about it, sorry about that.
We will investigate and fix this, but we will also put in some strategies to better test and confirm our FIPS compliance.
You can track the issue here: https://github.com/OctopusDeploy/Issues/issues/2376
It is scheduled for our current sprint.

Unfortunately there is no workaround to generate your API key while FIPS is enabled.

Again sorry about the delay in letting you know the status here.
Vanessa

Hi Vanessa,

Thanks for your reply! We’ll wait for the fix.

Thanks
Henk

P.S.: Are you able to tell when you have a fixed release? :slight_smile:

Hi Henk,

If you track the GitHub issue, it will be closed, and given a release number tag and milestone and a release note.
We try to notify back to these forum threads but sometimes they are missed or there are too many changes.
Tracking the issue is the easiest way.

Right now its marked as Ready - this will change to ‘in progress’ all the way through to ‘closed’ and ‘archived’.

Vanessa