[jboss-jira] [JBoss JIRA] (WFCORE-1135) Unable to start Wildfly when FIPS is enabled in Domain Mode

Ryan Emerson (JIRA) issues at jboss.org
Fri Nov 20 06:36:00 EST 2015 

     [ https://issues.jboss.org/browse/WFCORE-1135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ryan Emerson updated WFCORE-1135:
---------------------------------
    Description: 
Allows FIPS use in Domain mode. This requires additional logic to standalone, due to the connections between controllers and servers. 

Resulting stacktrace when attempting to run domain mode with FIPS enabled at the JVM:

15:47:39,410 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service jboss.host.controller.client: org.jboss.msc.service.StartException in service jboss.host.controller.client: java.io.IOException: WFLYSRV0117: Unable to initialise a basic SSLContext 'FIPS mode: only SunJSSE TrustManagers may be used' 
[Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.start(HostControllerConnectionService.java:133) 
[Server:server-one] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) 
[Server:server-one] at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) 
[Server:server-one] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
[Server:server-one] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
[Server:server-one] at java.lang.Thread.run(Thread.java:745) 
[Server:server-one] Caused by: java.io.IOException: WFLYSRV0117: Unable to initialise a basic SSLContext 'FIPS mode: only SunJSSE TrustManagers may be used' 
[Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.getAcceptingSSLContext(HostControllerConnectionService.java:212)
[Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.start(HostControllerConnectionService.java:108) 
[Server:server-one] ... 5 more 

  was:
Enable FIPS support in Domain mode. This requires additional logic to standalone, due to the connections between controllers and servers. 

Resulting stacktrace when attempting to run domain mode with FIPS enabled at the JVM:

15:47:39,410 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service jboss.host.controller.client: org.jboss.msc.service.StartException in service jboss.host.controller.client: java.io.IOException: WFLYSRV0117: Unable to initialise a basic SSLContext 'FIPS mode: only SunJSSE TrustManagers may be used' 
[Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.start(HostControllerConnectionService.java:133) 
[Server:server-one] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) 
[Server:server-one] at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) 
[Server:server-one] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
[Server:server-one] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
[Server:server-one] at java.lang.Thread.run(Thread.java:745) 
[Server:server-one] Caused by: java.io.IOException: WFLYSRV0117: Unable to initialise a basic SSLContext 'FIPS mode: only SunJSSE TrustManagers may be used' 
[Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.getAcceptingSSLContext(HostControllerConnectionService.java:212)
[Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.start(HostControllerConnectionService.java:108) 
[Server:server-one] ... 5 more 



> Unable to start Wildfly when FIPS is enabled in Domain Mode
> -----------------------------------------------------------
>
>                 Key: WFCORE-1135
>                 URL: https://issues.jboss.org/browse/WFCORE-1135
>             Project: WildFly Core
>          Issue Type: Feature Request
>          Components: Domain Management, Security
>    Affects Versions: 2.0.1.Final
>            Reporter: Ryan Emerson
>            Assignee: Darran Lofthouse
>             Fix For: 3.0.0.Alpha1
>
>
> Allows FIPS use in Domain mode. This requires additional logic to standalone, due to the connections between controllers and servers. 
> Resulting stacktrace when attempting to run domain mode with FIPS enabled at the JVM:
> 15:47:39,410 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service jboss.host.controller.client: org.jboss.msc.service.StartException in service jboss.host.controller.client: java.io.IOException: WFLYSRV0117: Unable to initialise a basic SSLContext 'FIPS mode: only SunJSSE TrustManagers may be used' 
> [Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.start(HostControllerConnectionService.java:133) 
> [Server:server-one] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) 
> [Server:server-one] at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) 
> [Server:server-one] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
> [Server:server-one] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
> [Server:server-one] at java.lang.Thread.run(Thread.java:745) 
> [Server:server-one] Caused by: java.io.IOException: WFLYSRV0117: Unable to initialise a basic SSLContext 'FIPS mode: only SunJSSE TrustManagers may be used' 
> [Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.getAcceptingSSLContext(HostControllerConnectionService.java:212)
> [Server:server-one] at org.jboss.as.server.mgmt.domain.HostControllerConnectionService.start(HostControllerConnectionService.java:108) 
> [Server:server-one] ... 5 more 



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

More information about the jboss-jira mailing list