Thinlinc fails due to fips mode

Running RHEL8 with FIPS mode enabled (fips=1 on kernel command line) to disable insecure/unapproved crypto.

First bug is that the install-server scripts does not work. It produces errors related to ’ rpm error “does not verify: no digest” '. The workaround is to manually install the RPM using
–nodigest --nofiledigest options. See 7809 – Server RPMs cannot be installed on FIPS enforcing system
I think I read somewhere that one fix is to use a new version of rpm when creating the RPMs (I think rpm 4.14 or newer).

Second bug is that after installing, I cannot use thinlinc. There is a bug which is low priority, but seems a show stopper to me. 7657 – MD5 is considered unsecure and shouldn't be used

On my server:

type or paste code heretail /var/log/vsmagent.log 
  File "/opt/thinlinc/modules/thinlinc/vsm/", line 352, in start_session
    II1 = oO00 . start ( )
  File "/opt/thinlinc/modules/thinlinc/vsm/", line 40, in start
    self . create_session_env ( )
  File "/opt/thinlinc/modules/thinlinc/vsm/", line 72, in create_session_env
    self . session_env [ "TLSESSIONMCOOKIE" ] = self . mcookie ( )
  File "/opt/thinlinc/modules/thinlinc/vsm/", line 122, in mcookie
    Oo0O0o0oO000 = hashlib . md5 ( )
ValueError: [digital envelope routines: EVP_DigestInit_ex] disabled for FIPS

The low priority bugzilla report mentions something about MD5 being used to support older clients (4.1.0). I am using latest client. Any fix or workaround for this so I can use thinlinc?