The saga of SSRS 2008 and the FipsAlgorithmPolicy

I'm in the process of rolling out a new environment at the customer site and as part of this environment we're using a Windows Server 2008 image developed by the customer that has a fairly rigid security policy.  I was rolling out the SQL side of the environment, which includes SQL Reporting Services 2008. 

The installation and configuration of SSRS 2008 went normally without issue.  However when I tried to connect to the main reports page (e.g. http://localhost/Reports) in IE the page would throw a 500 error.  I didn't see anything in the application, security or system logs, but when I looked in the ReportServerService logs, I noticed when I tried to connect I would get the following:

System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

We'd found the FipsAlgorithmPolicy to be an issue when configuring a new BizTalk server, but this was our second casualty.  Simply changing the HKLM\System\CurrentControlSet\Lsa\FipsAlgorithmPolicy Enabled property to zero and rebooting solved the issue.

Happy Reporting.

Comments (0)

Skip to main content