SharePoint enabling FIPS Compliance results in “An unexpected error has occurred”

Recently I was at a customer who couldn’t get SharePoint to work with their default GPOs applied. After some research, I noticed that the following error was being logged:

“An exception occurred when trying to issue security token: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.”

After running a gpresult, I noticed that the following setting was configured through GPO:

System Cryptography

Policy: System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
Setting: Enabled
Winning GPO: XXX-XXX

This resulted in the following registry key being enabled, with the registry subkey set to 1:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\fipsalgorithmpolicy

As it turns out, SharePoint does not work with FIPS Compliance and this should be disabled for SharePoint servers.
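
To confirm the same condition on a server, the read-only check below reports the FIPS policy state and which .NET crypto classes refuse to load. It is an added example, not part of the original post; the function names are hypothetical and it assumes Windows PowerShell 3.0 or later on .NET Framework 4 or later.

```powershell
# Added example: read-only FIPS diagnostics for a SharePoint server.
# Function names are hypothetical; nothing here changes policy or registry state.

function Get-FipsPolicyState {
    $lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    # Windows Vista / Server 2008 and later: DWORD "Enabled" under the FipsAlgorithmPolicy key.
    $current = (Get-ItemProperty -Path "$lsa\FipsAlgorithmPolicy" -Name Enabled `
                    -ErrorAction SilentlyContinue).Enabled
    # Older Windows releases: DWORD "FipsAlgorithmPolicy" stored directly under Lsa.
    $legacy = (Get-ItemProperty -Path $lsa -Name FipsAlgorithmPolicy `
                    -ErrorAction SilentlyContinue).FipsAlgorithmPolicy
    [pscustomobject]@{
        ComputerName        = $env:COMPUTERNAME
        RegistryEnabled     = $current   # 1 = policy on, 0 = off, empty = value not present
        LegacyRegistryValue = $legacy
        # What the .NET runtime in this process believes (property exists since .NET 4.0).
        NetAllowOnlyFips    = [System.Security.Cryptography.CryptoConfig]::AllowOnlyFipsAlgorithms
    }
}

function Test-CryptoTypeUnderFips {
    param(
        # Classes to probe. Which of them throw depends on the installed
        # .NET Framework version; the last one is a CNG/CAPI-backed control.
        [string[]]$TypeName = @(
            'System.Security.Cryptography.MD5CryptoServiceProvider',
            'System.Security.Cryptography.SHA256Managed',
            'System.Security.Cryptography.RijndaelManaged',
            'System.Security.Cryptography.SHA256CryptoServiceProvider'
        )
    )
    foreach ($name in $TypeName) {
        $result = [pscustomobject]@{ Type = $name; Usable = $true; Error = $null }
        try {
            $obj = New-Object -TypeName $name -ErrorAction Stop
            if ($obj -is [System.IDisposable]) { $obj.Dispose() }
        } catch {
            # New-Object wraps the constructor failure; the base exception carries
            # the "not part of the Windows Platform FIPS validated" message.
            $result.Usable = $false
            $result.Error  = $_.Exception.GetBaseException().Message
        }
        $result
    }
}

Get-FipsPolicyState | Format-List
Test-CryptoTypeUnderFips | Format-Table -AutoSize -Wrap
```

A class reported as not usable with the same message as the logged SharePoint error points to the FIPS policy as the cause rather than a SharePoint misconfiguration.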

Sources:

http://technet.microsoft.com/en-us/library/cc263215(v=office.14).aspx

http://social.technet.microsoft.com/Forums/sharepoint/en-US/bbeb3c71-11ec-4cf2-8d78-6b40041abeb8/sharepoint-2010-recurring-error?forum=sharepointadminprevious

http://support.microsoft.com/kb/911722

http://support.microsoft.com/kb/2000371

http://support.microsoft.com/kb/811833
