Support RedHat / Rocky Linux 9

[SteveHallNNT]

Hi,
When our application starts up on RedHat 9 (or a clone such as Rocky Linux) an exception is raised on application of the ServiceStack license. This appears to be due to the tightening up of supported cryptographic algorithms at the operating system level. The exception and call stack is as follows :

ServiceStack.LicenseException: This license is invalid. Please see [servicestack.net](http://servicestack.net/) or contact [[email protected]](mailto:[email protected]) for more details. The id for this license is '20222'
 ---> System.ArgumentNullException: Value cannot be null. (Parameter 'value')
   at System.Enum.Parse(Type enumType, String value, Boolean ignoreCase)
   at ServiceStack.LicenseUtils.ToLicenseKeyFallback(String licenseKeyText) in /home/runner/work/ServiceStack/ServiceStack/ServiceStack.Text/src/ServiceStack.Text/LicenseUtils.cs:line 643
   at ServiceStack.PclExport.VerifyLicenseKeyTextFallback(String licenseKeyText) in /home/runner/work/ServiceStack/ServiceStack/ServiceStack.Text/src/ServiceStack.Text/PclExport.cs:line 418
   at ServiceStack.LicenseUtils.RegisterLicense(String licenseKeyText) in /home/runner/work/ServiceStack/ServiceStack/ServiceStack.Text/src/ServiceStack.Text/LicenseUtils.cs:line 266
   --- End of inner exception stack trace ---
   at ServiceStack.LicenseUtils.RegisterLicense(String licenseKeyText) in /home/runner/work/ServiceStack/ServiceStack/ServiceStack.Text/src/ServiceStack.Text/LicenseUtils.cs:line 274

The current workaround is to relax the cryptographic policy on the machine in question to "LEGACY" as per this document :

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#system-wide-crypto-policies_using-the-system-wide-cryptographic-policies

This is less than ideal as 1) our application can be installed on thousands of servers and applying this setting is tedious / undesirable for our customers and 2) our product is a security product so asking customers to relax their security policy is not a good look for us.

This problem is just getting worse as more customers use this newer version so some kind of fix / workaround / change of behaviour would be very beneficial to us.

Thanks

[James-DBA-Anderson]

This is crucial for us. RedHat is one of the most popular distros out there and if people haven't moved to v9 they will be soon. Please can the team review.

[chrisoverton91]

Please can this be looked at. Having to relax our cryptographic policy to support ServiceStack is a big issue for us.

[mythz]

This should be resolved with the latest ServiceStack v8.2.3+ that's now available in Pre Release Packages which you'd use together with a new License Key generated using a stronger hashing algorithm from:

https://account.servicestack.net/regenerate-license

You should then be able to use the new License Key in RHEL9/Rocky Linux9.

We wont be able to make the stronger Hash Algorithm the default for at least 1-2 years as it would break being able to use the same License Key on both new and existing versions of ServiceStack.

[James-DBA-Anderson]

Thank you!

[joeglover]

Is there any indication as to when the official ServiceStack v8.2.4 might be available?

[mythz]

Ideally within 2 weeks.

[joeglover]

Great, thanks!

[mythz]

Supported from ServiceStack v8.3, docs for this feature at: https://docs.servicestack.net/rhel9-cryptography