Hello Vipal Mehta,
Welcome to the Microsoft Q&A and thank you for posting your questions here.
I understand that you are having FIPS error with Cosmos Postgresql DB while running stored procedure.
If your production Cosmos PostgreSQL instance has continuous backups enabled and that the retention period includes December 19th, there are four areas I will like you to check:
Firstly, you will need to diagnose and confirm Azure-Side changes: Use the Azure Service Health dashboard to identify if any updates were applied to CosmosDB or the hosting infrastructure, particularly related to FIPS enforcement. - https://portal.azure.com/#blade/Microsoft_Azure_Health/AzureHealthBrowseBlade/serviceIssues
Secondly, check if FIPS compliance has been enabled in your production environment unexpectedly:
- Run
SHOW config_file;
in PostgreSQL to locate the configuration file. - Look for parameters like
password_encryption
and confirm if they are set to SCRAM-SHA-256 or similar. - On the host or application level, ensure that FIPS mode is disabled if it is causing issues. This might involve updating operating system policies or PostgreSQL configurations.
Ensure both staging and production instances have the same authentication methods in pg_hba.conf
(e.g., scram-sha-256
or md5
), and if using SSL/TLS, confirm that certificates are valid and correctly configured in both environments.
Lastly, this is an immediate action, run Diagnostic Queries using SQL to SHOW assword_encryption;
and SHOW ssl;
Compare the output between staging and production. Also, use tools like telnet
or nc
to test connectivity to the target database (db.amazonaws.com
) on port 5432 from the CosmosDB production instance. If the issue persists, escalate to Microsoft Azure Support. Hopefully, @Oury Ba-MSFT will respond if she is not on vacation.
I hope this is helpful! Do not hesitate to let me know if you have any other questions.
Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful.