When installing the Linux SolarWinds agent using the installer from the SolarWinds polling server, I get an error message that says "package swiagent-2020.2.6.50026-1260990.x86_64 does not verify: no digest". Red Hat has an article that describes this error happens when installing an RPM package on a server that has FIPS enabled. In this scenario, the RPM package has to be signed in order to install it correctly.
rpm error "does not verify: no digest" - Red Hat Customer Portal
Older packages use the MD5 hash of the header and payload unless it is disabled by configuration.
The %_pkgverify_level macro can be used to additionally enable enforcing signature verification before installation or disable the payload verification completely. In addition, the %_pkgverify_flags macro can be used to limit which hashes and signatures are allowed. For example, it is possible to disable the use of the weak MD5 hash at the cost of compatibility with older packages.
Packages need to be built with rpm >= 4.14 in order to be installable in FIPS mode, the key being the new SHA256 digest on the compressed payload.
Can you create a new version of the package that is signed with the SHA256 digest?
According to the KB I gave above, Packages need to be built with rpm >= 4.14 in order to be installable in FIPS mode, the key being the new SHA256 digest on the compressed payload. So essentially build the RPM on a Red Hat 8 machine.
