Nothing too critical but documenting this for future. This is me after this week battling Windchill configuration:
The latest saga is with SSO. I have my notes from last year, which are pretty straightforward, except now I am running RHEL 9.2, SELinux (we'll get to you later), Windchill 13.0.2.4, Shibboleth 3.5. When I went to configure Apache to load the Shibboleth modules, it failed to start with this error:
00-1mod_shib.conf: Cannot load /usr/lib64/shibboleth/mod_shib_24.so into server: /lib64/libldap.so.2: undefined symbol: EVP_md2, version OPENSSL_3.0.0
Jun 13 14:53:47 systemd[1]: windchill-httpd.service: Control process exited, code=exited, status=1/FAILURE
Now, I've seen this type of thing before on my 12.0.2 server. I followed CS352455 and it fixed it but this error
00-1mod_shib.conf: Cannot load /usr/lib64/shibboleth/mod_shib_24.so into server: /lib64/libldap.so.2: undefined symbol: EVP_md2, version OPENSSL_3.0.0 was different talking about a different library. Searching knowledge base leads me to this wonderful article CS444585 with no resolution documented and a similar one CS341852. Closer but wrong Windchill version, wrong OS and that file does not even exist there.
While the Shibboleth install script pulls 3.5 for RHEL 9, at the time of this writing, 13.0.2.4 does not support this version (supports 3.4.1+) CS434427, just a few CPSs away.
Google tells me that there are a ton of issues related to this error with other applications. Any clue as to what I need to downgrade or what I need to add to the Apache conf to make this all work?
So, yes, Shibboleth clearly states that SELinux is not supported (https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335559/SELinux) but I will battle that another day. Seems like no one wants to support it but Gov. is requiring it.
Conversed with Tech Support. They are looking into that article with the missing resolution. They indicated that CPS 6 fixes this issue, but what is strange is how? Perhaps some Linux experts can chime in. This is a library issue between Shibboleth, openldap and openssl. I know Red Hat 9 has upgraded to openssl 3.0. Just wondering how a CPS update resolves this, since this does not appear to be a PTC/Windchill issue. Any fix could be something I can do right now. That was my question back to them. Also, the message indicates something about MD2, which is a legacy framework and has a number of CVEs against it. The fix should not be to enable it.
I think I may have solved or worked around this. The version of openldap that was installed was 2.6.2-3, which showed a release date of 5/2022. I upgraded openldap via yum to the latest version, 2.6.8-4, and Apache started up without issue. This might have been compiled properly with OpenSSL 3.0. I did not need to add any special LoadFile calls to library files in 00-1mod_shib.conf.
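
An added example, not part of the original posts: a small triage script for this kind of loader error. It parses the Apache error line quoted in the thread, then reports which RPM build owns the failing library, whether that library still imports the missing symbol, and whether the libcrypto it links against exports it. The function names are hypothetical, and the sample line is the one from the first post.

```shell
# Constructed sample: the Apache error line quoted in the thread.
SAMPLE_ERR='00-1mod_shib.conf: Cannot load /usr/lib64/shibboleth/mod_shib_24.so into server: /lib64/libldap.so.2: undefined symbol: EVP_md2, version OPENSSL_3.0.0'

# Library whose symbol lookup failed (the path just before "undefined symbol").
err_library() {
  printf '%s\n' "$1" | sed -n 's|.*: \(/[^ :]*\): undefined symbol: .*|\1|p'
}
# Name of the symbol the loader could not resolve.
err_symbol() {
  printf '%s\n' "$1" | sed -n 's|.*undefined symbol: \([^, ]*\).*|\1|p'
}
# Symbol version tag the library was linked against.
err_version() {
  printf '%s\n' "$1" | sed -n 's|.*undefined symbol: [^,]*, version \([^ ]*\).*|\1|p'
}

# Report what is installed for the failing library. Read-only; changes nothing.
triage() {
  lib=$(err_library "$1"); sym=$(err_symbol "$1")
  if [ -z "$lib" ] || [ -z "$sym" ]; then
    echo "not an undefined-symbol loader error" >&2; return 2
  fi
  echo "library: $lib  missing: $sym ($(err_version "$1"))"
  if [ ! -e "$lib" ]; then echo "  $lib is not present on this host"; return 0; fi
  if command -v rpm >/dev/null 2>&1; then
    # Owning package and its build date: an old build is the first thing to rule out.
    rpm -qf --qf '  owner: %{NAME}-%{VERSION}-%{RELEASE}, built %{BUILDTIME:date}\n' "$lib" \
      || echo "  not owned by an RPM package"
  fi
  if command -v nm >/dev/null 2>&1; then
    # Does the installed library still import the symbol?
    nm -D --undefined-only "$lib" 2>/dev/null | grep -w "$sym" \
      || echo "  $lib does not import $sym"
    # Does the libcrypto it resolves against export it?
    crypto=$(ldd "$lib" 2>/dev/null | awk '/libcrypto/ {print $3; exit}')
    if [ -n "$crypto" ]; then
      nm -D --defined-only "$crypto" 2>/dev/null | grep -w "$sym" \
        || echo "  $crypto does not export $sym"
    fi
  fi
  return 0
}

triage "${1:-$SAMPLE_ERR}"
```

Run it before and after a package update to see whether the owning build changed and whether the import is still there; pass a different error line as the first argument to check another library.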