Skip to main content

Disable FIPS-enabled Puppet Enterprise on Ubuntu

Sandra Jiang
  • Updated

FIPS-enabled Puppet Enterprise is not supported on Ubuntu. When you enable FIPS-enabled PE on Ubuntu, the primary node won’t run and you cannot log in to the PE console.

Version and installation information

PE version: All supported versions

OS: Ubuntu 18.04

Solution

To disable FIPS-enabled PE from Ubuntu, follow these steps:

  1. Disable FIPS on Ubuntu by following the steps in the Ubuntu Manuals.

  2. Reinstall Puppet and the PE package.

    apt install -reinstall $(dpkg -l |egrep 'puppet| pe' | awk ' {print $2}')

    Example output of the package getting installed:

    root@sneaky-abbey:~# apt install ~~-reinstall $(dpkg -l |egrep 'puppet| pe~~' | awk '{print $2}')
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
pe-ace-server 
pe-backup-tools 
pe-bolt-server 
pe-bouncy-castle-jars 
pe-builtin-bolt-content 
pe-client-tools 
pe-console-services 
pe-installer 
pe-java11 
pe-license
pe-modules 
pe-nginx 
pe-orchestration-services 
pe-postgresql-common 
pe-postgresql14 
pe-postgresql14-contrib 
pe-postgresql14-pglogical 
pe-postgresql14-pgrepack
pe-postgresql14-server 
pe-puppet-enterprise-release 
pe-puppetdb 
pe-puppetserver 
pe-r10k 
pe-tasks 
puppet-agent

    Example output when installation is complete:

    root@sneaky-abbey:~# dpkg ~~l |egrep 'puppet| pe~~' | awk '{print $2}'
pe-ace-server
pe-backup-tools
pe-bolt-server
pe-bouncy-castle-jars
pe-builtin-bolt-content
pe-client-tools
pe-console-services
pe-console-services-termini
pe-installer
pe-java11
pe-license
pe-modules
pe-nginx
pe-orchestration-services
pe-postgresql-common
pe-postgresql14
pe-postgresql14-contrib
pe-postgresql14-pglogical
pe-postgresql14-pgrepack
pe-postgresql14-server
pe-puppet-enterprise-release
pe-puppetdb
pe-puppetdb-termini
pe-puppetserver
pe-r10k
pe-tasks
puppet-agent

  3. Reconfigure the PE package.

    puppet infrastructure configure --no-recover --force

To learn more about FIPS 140-2 enabled PE, read our documentation.

Did this solve your problem?
0 out of 0 found this helpful

How can we improve this article?

0 comments

Please sign in to leave a comment.

Related articles