Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 7.1.0.GA
Affects Version/s: 7.1.0.DR16
Component/s: Documentation
Labels:
- bouncycastle
- docs-bulk-37
- docs-bulk-39
- fips
- pkcs#11
- ssl

Affects:

Documentation (Ref Guide, User Guide, etc.)
Target Release:

7.1.0.GA
Git Pull Request:
https://gitlab.cee.redhat.com/red-hat-jboss-enterprise-application-platform-documentation/eap-documentation/merge_requests/3374, https://gitlab.cee.redhat.com/red-hat-jboss-enterprise-application-platform-documentation/eap-documentation/merge_requests/3484

SFDC Cases Counter:
SFDC Cases Links:

Description

I don't see way how to configure HTTP/2 in FIPS mode (PKCS11), because per HTTP/2 RFC [1] TLSv1.2 is mandatory for HTTP/2.

However in FIPS mode we are stucked with:

TLSv1.1 in case of OpenJDK/Oracle java [2]
TLSv1 in case of IBM java [3]

[1] https://tools.ietf.org/html/rfc7540#section-9.2
[2] https://bugs.openjdk.java.net/browse/JDK-8029661
[3] https://www-01.ibm.com/support/knowledgecenter/SSYKE2_8.0.0/com.ibm.java.security.component.80.doc/security-component/jsse2Docs/runfips.html

Attachments

Activity

People

Assignee:: Sande Gilda (Inactive)

Reporter:: Martin Choma

Tester:: Martin Choma

QA Contact:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 2017/04/21 3:22 AM

Updated:: 2021/10/24 6:50 AM

Resolved:: 2017/09/01 3:58 PM