Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-3160

TLS 1.2 is not supported by Oracle/OpenJDK in FIPS mode

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 7.0.0.ER6
    • 7.0.0.ER5
    • Documentation
    • None

    Description

      Book: How To Configure Server Security
      Revision: n_2098001_how-to-configure-server-security_version_7.0.beta_edition_1.0_release_0-revision_7704423
      Section: 2.2.7. Enable FIPS 140-2 Cryptography for SSL/TLS on Red Hat Enterprise Linux 6

      Issue description: TLS 1.2 is not supported by Oracle/OpenJDK java in fips mode: "NoSuchAlgorithmException: no such algorithm: SunTls12MasterSecret for provider SunPKCS11-testPkcs". Aas stated here https://access.redhat.com/solutions/1309153 it is caused by https://bugs.openjdk.java.net/browse/JDK-8029661

      Suggestions for improvement: Add note that TLS 1.2 is not supported by Oracle/OpenJDK java (and therefore neither EAP) in FIPS mode

      Attachments

        Activity

          People

            zrhoads Zach Rhoads (Inactive)
            mchoma@redhat.com Martin Choma
            Martin Choma Martin Choma
            Martin Choma Martin Choma
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 30 minutes
                30m