Neuvector 5.4.2 Broken With FIPS Host and Manager SSL Disabled

Big Bang disables SSL for the Neuvector manager by default, since the Neuvector web front-end is fronted by the Istio public ingress gateway.

Neuvector 5.4.2 tries to auto-detect a FIPS host and update the runtime crypto configs accordingly. If SSL is disabled, neuvector-manager fails to start on fips-enabled hosts.

There is a known, upstream issue here https://github.com/neuvector/neuvector/issues/1757

Until this is fixed, we can not upgrade to 5.4.2 .