Problem:
Radius authentication does not work with FIPS-enabled Connector host. This includes both
Connector as a Radius Server feature and
Connector as a Radius Client feature.
E.g. MFA login to Windows client and cloud using radius server authentication (RSA) failed, giving the following error:
'
Authentication (login or challenge) has failed. Please try again or contact your system administrator.'

Cloud connector log displayed the following exception:
'
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.MD5CryptoServiceProvider..ctor()'
Cause:
Centrify Radius authentication uses the Radius.Net library, which protects the user's password using MD5. MD5 is not FIPS compliant, hence the exception.
Workaround:
The workaround is to disable FIPS on the connector host. The steps are:
1. Launch regedit.exe
2. Navigate to HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > Lsa > FipsAlgorithmPolicy
3. Disable FIPS-compliant encryption on cloud connector by setting FipsAlgorithmPolicy to 0
4. Test on Radius authentication again
