MD5 is used by fast hashing algorithms. More information can be found at https://learn.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/federal-information-processing-standard-security-standards.
SharePoint 2019 STIG Compliance DES RC4 MD5
I am trying to be compliant and I am stuck on the below request,
"Under “Options”, in the “SSL Cipher Suites” text box, enter desired cipher suites that are not DES or RC4."
If I remove RC4 that MD5 is in someway attached to, the "Central Administration" web page errors with a FIPS error.
I am sure the same will be said for the Web Application / Sites also.
I know that MD5 is required by SharePoint although that answer is not good enough to close this findings (V-59965, V-59967, V-59969, V-59971, V-59989).
I wish I could say that I have the understanding to present a technical reason why although I am at a loss and am asking for help.
I am also open to a possible book that discusses SharePoint and MD5, I believe what I have read that Microsoft uses FISMA instead of FIPS