[wildfly-dev] Supporting FIPS in domain mode
Brian Stansberry
brian.stansberry at redhat.com
Thu Nov 19 10:50:41 EST 2015
Darran's the expert on this, but my initial naive question is whether
this can be split into two logical use cases:
1) Where we know TLS is not going to be used on the HC<->server connection.
2) Where we don't know that.
I ask because if case 2 is harder or requires changes that don't belong
in a micro release (e.g. management model changes) perhaps we can first
deal with case 1. My impression from the initial bug report is that
SSL/TLS was not configured on the host's management interfaces.
On 11/19/15 4:25 AM, Ryan Emerson wrote:
> Hello All,
>
> Currently domain mode is unable to execute when the JVM has FIPS enabled. See [1] for example config files and the resulting stacktrace.
>
> I am looking into this issue (SET engineer), however my current knowledge of core and FIPS is limited. What are your thoughts on how to implement FIPS compatibility? Is there any fundamental reasons why such a feature shouldn't be supported?
>
> [1] https://issues.jboss.org/browse/WFCORE-1135
>
> Thanks
> Ryan
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
--
Brian Stansberry
Senior Principal Software Engineer
JBoss by Red Hat
More information about the wildfly-dev
mailing list