Details
-
Bug
-
Resolution: Done
-
Blocker
-
7.0.0.ER5
-
None
Description
Book: How To Configure Server Security
Revision: n_2098001_how-to-configure-server-security_version_7.0.beta_edition_1.0_release_0-revision_7704423
Section: 2.2.7. Enable FIPS 140-2 Cryptography for SSL/TLS on Red Hat Enterprise Linux 6
Issue description: TLS 1.2 is not supported by Oracle/OpenJDK java in fips mode: "NoSuchAlgorithmException: no such algorithm: SunTls12MasterSecret for provider SunPKCS11-testPkcs". Aas stated here https://access.redhat.com/solutions/1309153 it is caused by https://bugs.openjdk.java.net/browse/JDK-8029661
Suggestions for improvement: Add note that TLS 1.2 is not supported by Oracle/OpenJDK java (and therefore neither EAP) in FIPS mode