{"id":"rhel91-openssl-fips-restrictions","text":"In RHEL 9.1 FIPS mode, OpenSSL disallows 3DES, RSA keys smaller than 2048 bits, and RSA key exchange; the `req` tool uses AES-256-CBC for key encryption.","truth_value":"IN","source":"repo:entries/2026/03/03/en-documentation-red_hat_enterprise_linux-9-html-91_release_notes-bug_fixes.md","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"rhel91-openssl-fips-restrictions","truth_value":"IN","reason":"premise"}]}}