Error:
When trying to access my newly provision SharePoint 2019 central Administration Site, encounter the following error:
This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms
Root Cause:
FIPS stands for “Federal Information Processing Standards.” It’s a set of government standards that define how certain things are used in the government–for example, encryption algorithms. FIPS defines certain specific encryption methods that can be used, as well as methods for generating encryption keys. It’s published by the National Institute of Standards and Technology, or NIST.
The setting in Windows complies with the US government FIPS 140 standard. When it’s enabled, it forces Windows to only use FIPS-validated encryption schemes and advises applications to do so, as well.
“FIPS mode” doesn’t make Windows more secure. It just blocks access to newer cryptography schemes that haven’t been FIPS-validated. That means it won’t be able to use new encryption schemes, or faster ways of using the same encryption schemes. In other words, it makes your computer slower, less functional, and arguably less secure.
Reference: https://www.howtogeek.com/245859/why-you-shouldnt-enable-fips-compliant-encryption-on-windows/
Solution:
The FIPS compliant setting is forced via Group Policy.
Open Group Policy and navigate to:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
Set the setting System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing to Disabled.
Run a gpupdate /force on the server and you will now be able to access Central Admin (or whatever website you had this issue).
Additional information can be found here – https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing
1 Giant Nerd 