Setting Up pgAdmin4 on Red Hat Enterprise Linux 7 with FIPS Mode Enabled

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Setting Up pgAdmin4 on Red Hat Enterprise Linux 7 with FIPS Mode Enabled

Deaderick, David


Red Hat Enterprise Linux 7.7 system with FIPS mode enabled

# openssl version

OpenSSL 1.0.2k-fips  26 Jan 2017


]# cat /proc/sys/crypto/fips_enabled



PostgreSQL and pgAdmin4 installed from the latest yum repositories

rpm –import

yum install

yum install postgresql12-server postgresql12-docs postgresql12-contrib pgadmin4 mod_ssl



When I run the setup command:

# /usr/pgadmin4/bin/


I receive the following output:

NOTE: Configuring authentication for SERVER mode.


Enter the email address and password to use for the initial pgAdmin user account:


Email address: [hidden email]


Retype password:

Traceback (most recent call last):

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/", line 413, in <module>


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/", line 347, in setup_db

    app = create_app()

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/pgadmin/", line 330, in create_app


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/pgadmin/setup/", line 25, in db_upgrade


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/flask_migrate/", line 95, in wrapped

    f(*args, **kwargs)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/flask_migrate/", line 280, in upgrade

    command.upgrade(config, revision, sql=sql, tag=tag)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/alembic/", line 254, in upgrade


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/alembic/script/", line 425, in run_env

    util.load_python_file(self.dir, '')

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/alembic/util/", line 81, in load_python_file

    module = load_module_py(module_id, path)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/alembic/util/", line 141, in load_module_py

    mod = imp.load_source(module_id, path, fp)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/pgadmin/setup/../../migrations/", line 94, in <module>


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/pgadmin/setup/../../migrations/", line 87, in run_migrations_online


  File "<string>", line 8, in run_migrations

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/alembic/runtime/", line 836, in run_migrations


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/alembic/runtime/", line 330, in run_migrations


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/migrations/versions/", line 122, in upgrade

    Security(current_app, user_datastore, register_blueprint=False)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/flask_security/", line 469, in __init__

    self._state = self.init_app(app, datastore, **kwargs)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/flask_security/", line 504, in init_app


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/flask_security/", line 332, in _get_state


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/flask_security/", line 313, in _get_hashing_context


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/", line 1401, in __init__


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/", line 1592, in load

    config = _CryptConfig(source)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/", line 634, in __init__


  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/", line 652, in _init_scheme_list

    handler = get_crypt_handler(elem)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/", line 350, in get_crypt_handler

    mod = __import__(modname, fromlist=[modattr], level=0)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/handlers/", line 72, in <module>

    hex_md5     = create_hex_hash("md5")

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/handlers/", line 55, in create_hex_hash

    info = lookup_hash(digest)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/crypto/", line 298, in lookup_hash

    info = HashInfo(const, name_list)

  File "/usr/lib/python2.7/site-packages/pgadmin4-web/passlib/crypto/", line 403, in __init__

    hash = const()

ValueError: error:060800A3:digital envelope routines:EVP_DigestInit_ex:disabled for fips

Error setting up server mode. Please examine the output above.



Issue appears to be related to a default of the prohibited hash algorithm  md5.

I have searched the web, read the FAQs and documentation without finding any definitive answers.

After stepping through the python code with pdb, it appears something is trying to create an md5 hash for the default password.



  1. Is it possible to setup pgAdmin4 (4.18) on a RHEL7 system with FIPS mode enabled?
  2. Where can I find guidance on setting up pgAdmin4 on a FIPS enabled system?


Thank you,

David A. Deaderick III

Infrastructure Engineering IT Specialist

Capacity and Performance Engineering (005OP2D)

VA OI&T Enterprise Program Management Office

Office: (727) 502-1313 (Tue Wed Thu)

Office: (941) 359-2010 (Mon Fri)

Mobile: (727) 417-7593