diff --git a/ironic/common/utils.py b/ironic/common/utils.py
index fc61fd02fe..6dbb0e3265 100644
--- a/ironic/common/utils.py
+++ b/ironic/common/utils.py
@@ -230,12 +230,12 @@ def _get_hash_object(hash_algo_name):
     return getattr(hashlib, hash_algo_name)()
 
 
-def file_has_content(path, content, hash_algo='md5'):
+def file_has_content(path, content, hash_algo='sha256'):
     """Checks that content of the file is the same as provided reference.
 
     :param path: path to file
     :param content: reference content to check against
-    :param hash_algo: hashing algo from hashlib to use, default is 'md5'
+    :param hash_algo: hashing algo from hashlib to use, default is 'sha256'
     :returns: True if the hash of reference content is the same as
         the hash of file's content, False otherwise
     """
diff --git a/releasenotes/notes/fips-hashlib-bca9beacc2b48fe7.yaml b/releasenotes/notes/fips-hashlib-bca9beacc2b48fe7.yaml
new file mode 100644
index 0000000000..1c96a16009
--- /dev/null
+++ b/releasenotes/notes/fips-hashlib-bca9beacc2b48fe7.yaml
@@ -0,0 +1,4 @@
+fixes:
+  - |
+    Use SHA256 for comparing file contents instead of MD5. This improves FIPS
+    compatibility.