apm agent fails in a FIPS enabled host #2115
Description
``We are running a webapp on Azure, which uses Elastic APM (elastic-apm==6.23.0). Since 08/29/2024, without changing anything our app is failing to run, with:
crypto/fips/fips.c:154: OpenSSL internal error: FATAL FIPS SELFTEST FAILURE
Aborted (core dumped)
We noticed the Azure webapp environment (linux) now has the following kernel parameter:
# sysctl crypto.fips_enabled
crypto.fips_enabled = 1
To Reproduce
# python
Python 3.12.2 (main, Feb 22 2024, 11:15:41) [GCC 10.2.1 20210110] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import elasticapm
>>> apm=elasticapm.Client()
>>> elasticapm.instrument()
crypto/fips/fips.c:154: OpenSSL internal error: FATAL FIPS SELFTEST FAILURE
Aborted (core dumped)
#
Environment (please complete the following information)
- OS: Linux hostname 5.15.164.1-1.cm2 Update copyright in LICENSE #1 SMP Sun Aug 18 19:16:21 UTC 2024 x86_64 GNU/Linux
- Python version: 3.12
- APM Server version: unrelevant, it fail before even connecting (no need to have an APM server to test it)
- Agent version: 6.23.0
Additional context
(antenv) root@aiops-dev_0ac897ce81:/tmp/8dccb366a943910# python
Python 3.12.2 (main, Feb 22 2024, 11:15:41) [GCC 10.2.1 20210110] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import elasticapm
>>> apm=elasticapm.Client()
>>> elasticapm.instrument()
crypto/fips/fips.c:154: OpenSSL internal error: FATAL FIPS SELFTEST FAILURE
Aborted (core dumped)
(antenv) root@aiops-dev_0ac897ce81:/tmp/8dccb366a943910#
Linux aiops-dev_0ac897ce81 5.15.164.1-1.cm2 #1 SMP Sun Aug 18 19:16:21 UTC 2024 x86_64 GNU/Linux
(antenv) root@aiops-dev_0ac897ce81:/tmp/8dccb366a943910# sysctl crypto.fips_enabled
crypto.fips_enabled = 1
elastic-apm==6.23.0
(antenv) root@aiops-dev_0ac897ce81:/tmp/8dccb366a943910# python -V
Python 3.12.2
See attached file for detail about installed packages in the OS and version, as well as a detailled dump of the system calls.