From e7d4f3cf4ac79889d5e3e8cadde078540fb8996b Mon Sep 17 00:00:00 2001
From: David Kirov <david.kirov@datadoghq.com>
Date: Mon, 16 Dec 2024 14:46:54 +0100
Subject: [PATCH] Revert to using env vars

---
 .../datadog_checks/base/checks/base.py        | 25 ++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/datadog_checks_base/datadog_checks/base/checks/base.py b/datadog_checks_base/datadog_checks/base/checks/base.py
index 738a86252072e..efb3451319ac0 100644
--- a/datadog_checks_base/datadog_checks/base/checks/base.py
+++ b/datadog_checks_base/datadog_checks/base/checks/base.py
@@ -310,8 +310,31 @@ def __init__(self, *args, **kwargs):
         self.__logs_enabled = None
 
         if os.environ.get("GOFIPS", "0") == "1":
+            with open("/opt/datadog-agent/embedded/ssl/openssl_fips.cnf", "w") as f:
+                config = """
+config_diagnostics = 1
+openssl_conf = openssl_init
+
+.include /opt/datadog-agent/embedded/ssl/fipsmodule.cnf
+
+[openssl_init]
+providers = provider_sect
+alg_section = algorithm_sect
+
+[provider_sect]
+fips = fips_sect
+base = base_sect
+
+[base_sect]
+activate = 1
+
+[algorithm_sect]
+default_properties = fips=yes
+"""
+                f.write(config)
+
             enable_fips(
-                path_to_openssl_conf="/opt/datadog-agent/embedded/ssl/openssl.cnf",
+                path_to_openssl_conf="/opt/datadog-agent/embedded/ssl/openssl_fips.cnf",
                 path_to_openssl_modules="/opt/datadog-agent/embedded/lib/ossl-modules",
             )