Is it supported to install Red Hat Satellite 6 or Red Hat Satellite Capsule 6 on a FIPS enabled RHEL system?

Environment

• Red Hat Satellite 6.5+
• Red Hat Satellite Capsule 6.5+

Resolution

• Installing and running Red Hat Satellite and Red Hat Satellite Capsule on a FIPS enabled RHEL system is supported.
• Red Hat Satellite uses the same hash function that the external repository uses to compute-and-verify package checksums during synchronization with that external repository.
• Red Hat Satellite uses the same hash function that the external repository uses to generate checksums in repository metadata (e.g. primary.xml).
• Red Hat Satellite supports the following hash functions: md5, sha1, sha256 & sha512

NOTES

• The RHEL operating system cannot be changed after Red Hat Satellite is installed to enable FIPS compliance.  Only new installations of Red Hat Satellite on already FIPS-enabled operating systems are supported.
• FIPS compliance of the operating system is different than FIPS compliance of the Satellite software.  While installing Satellite on a FIPS-enabled RHEL machine will cause some of its components to use compliant algorithms & ciphers, other components will still be non-compliant.  For example, Tomcat and Candlepin currently do not work if FIPS is force-enabled within the Java stack.  This is Content from github.com is not included.an issue being tracked upstream.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.