Insecure hash algorithms are not blocked
I noticed that md5 is still enabled on this image. I tested this by running
$ docker run -it --rm --entrypoint /bin/bash registry1.dso.mil/ironbank/canonical/ubuntu-pro-cis-fips-stig:20.04_stable
$ echo 'hi' | openssl md5
and seeing no errors. On an image where we've configured OpenSSL + FIPS following these https://github.com/openssl/openssl/blob/master/README-FIPS.md, the same series of commands gives this error:
$ echo 'hi' | openssl md5
Error setting digest
E0778690FFFF0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:355:Global default library context, Algorithm (MD5 : 100), Properties ()
E0778690FFFF0000:error:03000086:digital envelope routines:evp_md_init_internal:initialization error:crypto/evp/digest.c:272:
I'm also not seeing any references to FIPS in /usr/lib/ssl/openssl.cnf. Is this behavior expected, and if so, how should I be verifying that FIPS is enabled on the container?
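
The probe used in the report above can be scripted as a repeatable check. This is an added example, not part of the original report or of the image's own tooling: it expects md5 to be rejected and uses sha256 as a control, so a broken or missing openssl binary is not mistaken for FIPS enforcement. The function names and the OPENSSL override variable are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: probe which digests the openssl CLI will actually compute.
# OPENSSL can be overridden to point at a different binary (assumption of this sketch).
OPENSSL="${OPENSSL:-openssl}"

# digest_status ALG -> prints "allowed", "blocked" or "error"
digest_status() {
    alg=$1
    # Same probe as in the report: hash a short string with `openssl <alg>`.
    if out=$(printf 'hi\n' | "$OPENSSL" "$alg" 2>&1); then
        echo allowed
        return 0
    fi
    # The FIPS-configured image in the report fails with "Error setting digest"
    # and an "unsupported" fetch error; anything else is a different failure.
    case $out in
        *unsupported*|*"Error setting digest"*) echo blocked ;;
        *) echo error ;;
    esac
}

# check_fips_digests -> exit 0 only if md5 is blocked AND sha256 still works.
check_fips_digests() {
    rc=0
    for pair in md5:blocked sha256:allowed; do
        alg=${pair%%:*}
        want=${pair##*:}
        got=$(digest_status "$alg")
        printf '%-8s expected=%-8s got=%s\n' "$alg" "$want" "$got"
        [ "$got" = "$want" ] || rc=1
    done
    return $rc
}

# Run the check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then
    check_fips_digests
fi
```

Run it inside the container with the --run argument; a non-zero exit status means either md5 was accepted or the sha256 control failed.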