Community Spring Cleaning week is here! Join your fellow Maveryx in digging through your old posts and marking comments on them as solved. Learn more here!

Alteryx Server Knowledge Base

Definitive answers from Server experts.

Error: In FIPS, MD5 is not an approved hash algorithm

Suskil
Alteryx
Alteryx
Created

Environment Details


The Federal Information Processing Standard (FIPS) 140 is a security implementation that is designed for certifying cryptographic software. Windows implements these certified algorithms to meet the requirements and standards for cryptographic modules for use by departments and agencies of the United States federal government.

    The following errors may be seen when FIPS Cryptography compliance is enabled:

    Designer Errors:

    Error in EncryptPassword: In FIPS, MD5 is not an approved hash algorithm.
    AlteryxService_Client.Net.AlteryxServiceException: Unable to create TileSet: In FIPS, MD5 is not an approved hash algorithm.

    Server Error (noted from the Gallery Log):
    This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

     
    Server Error (noted from the Service Log):

    MongoDaemon_CreateCredentials_Error: Error creating credentials <In FIPS, MD5 is not an approved hash algorithm.>

     

    • Alteryx Designer
      • Version 2020.4+
    • Alteryx Server
      • All versions


    Cause


    Local Security Policy setting 'System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is enabled in Windows.



    Resolution


    FIPS must be disabled in order for the Designer and Server to run correctly, as they are not considered to be FIPS compliant. This is as designed and will, likely, require permission to disable, from your IT Security admin. 

    To turn off FIPS Cryptography using the Local Policies (with IT's permission), follow these steps:

    1. Press the key combination WINDOWS_KEY+R to launch the Run dialog.
    2. Type secpol.msc into the dialog and click OK.
    3. In the Local Security Policy Management Console window that opens, use the left tab to navigate to the Local Policies > Security Options
    4. Scroll down the right pane and double-click System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.
    5. In the Properties window, select the Disabled option and click the Apply button.
    6. Close the Properties window by clicking OK.
    7. Close the Local Security Policy Management Console.
     
    image.png
     

     



      Additional Resources