diff --git a/Sanity/ansible-machine-hardening/runtest.sh b/Sanity/ansible-machine-hardening/runtest.sh
index 77391f3..66994a0 100755
--- a/Sanity/ansible-machine-hardening/runtest.sh
+++ b/Sanity/ansible-machine-hardening/runtest.sh
@@ -88,6 +88,11 @@ rlJournalStart
             rlRun "tmp=\$(mktemp -d)" 0 "Create tmp directory"
             rlRun "pushd $tmp"
 
+            # Remove when CentOS repos use at least 3072b RSA key
+            if rlIsCentOS; then
+                rlRun "echo sslverify=0 >> /etc/yum.conf" 0 "Workaround for FIPS:OSPP crypto policy"
+            fi
+
             if [ $REBOOT_COUNT -eq 0 ]; then
                 TIMESTAMP=$(date +%Y%m%d%H%M%S)
                 echo "$TIMESTAMP" > "$TIMESTAMP_FILE"
diff --git a/Sanity/machine-hardening/runtest.sh b/Sanity/machine-hardening/runtest.sh
index 4e97165..6052eff 100755
--- a/Sanity/machine-hardening/runtest.sh
+++ b/Sanity/machine-hardening/runtest.sh
@@ -74,6 +74,11 @@ rlJournalStart
             rlRun "tmp=\$(mktemp -d)" 0 "Create tmp directory"
             rlRun "pushd $tmp"
 
+            # Remove when CentOS repos use at least 3072b RSA key
+            if rlIsCentOS; then
+                rlRun "echo sslverify=0 >> /etc/yum.conf" 0 "Workaround for FIPS:OSPP crypto policy"
+            fi
+
             if [ $REBOOT_COUNT -eq 0 ]; then
                 TIMESTAMP=$(date +%Y%m%d%H%M%S)
                 echo "$TIMESTAMP" > "$TIMESTAMP_FILE"