azure-sdk-for-js: Unable to enable FIPS mode on latest Node 18 LTS

  • Package Name: @azure/identity
  • Package Version: 3.0.0
  • Operating system: Windows 11 22H2
  • nodejs
    • version: 18.12.0
  • browser
    • name/version: N/A
  • typescript
    • version: 4.8.4
  • Is the bug related to documentation in

Describe the bug After FIPS mode is enabled with crypto.setFips(true) the module is now unable to authenticate to Azure AD.

To Reproduce Steps to reproduce the behavior:

  1. Add crypto.setFips(true) to the top of your app and ensure the latest LTS release of Node.JS is installed (18.12.0 at the time of this wiring)

Expected behavior Successful authentication should happen, regardless of if FIPS mode is enabled or not.

Screenshots Screenshot of error in terminal

Additional context Here is the error that happens after FIPS is enabled:

ChainedTokenCredential authentication failed.
CredentialUnavailableError: endpoints_resolution_error: Error: could not resolve endpoints. Please check network and try again. Detail: ClientConfigurationError: untrusted_authority: The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.
node:internal/process/promises:288
            triggerUncaughtException(err, true /* fromPromise */);
            ^

AggregateAuthenticationError: ChainedTokenCredential authentication failed.
CredentialUnavailableError: endpoints_resolution_error: Error: could not resolve endpoints. Please check network and try again. Detail: ClientConfigurationError: untrusted_authority: The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.
    at C:\GitHub\**Redacted**\Server\node_modules\@azure\identity\dist\index.js:2657:29
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.withSpan (C:\GitHub\**Redacted**\Server\node_modules\@azure\identity\node_modules\@azure\core-tracing\dist\index.js:140:28)

Node.js v18.12.0

About this issue

  • Original URL
  • State: open
  • Created 2 years ago
  • Comments: 26 (10 by maintainers)

Most upvoted comments

I’ll build a once off test project and get the results back here.

+1
elliot-huffman on Nov 7, 2022
Read more comments on GitHub
← azure-sdk-for-js: [Text Analytics]It will return error when use textAnalyticsClient with AAD authentication to run integration tests on UsGov cloud and China cloud
azure-sdk-for-js: Unable to use TokenCredentials instances from the azure/identity library in ServiceClientCredential based SDK's for Sovereign Azure Clouds →