[jboss-jira] [JBoss JIRA] (WFLY-8112) Elytron subsystem is unable to configure com.sun.net.ssl.internal.ssl.Provider in FIPS mode
Martin Choma (JIRA)
issues at jboss.org
Tue Feb 14 08:45:02 EST 2017
Martin Choma created WFLY-8112:
----------------------------------
Summary: Elytron subsystem is unable to configure com.sun.net.ssl.internal.ssl.Provider in FIPS mode
Key: WFLY-8112
URL: https://issues.jboss.org/browse/WFLY-8112
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Martin Choma
Assignee: Darran Lofthouse
Priority: Blocker
Trying to configure server to run in FIPS mode using subsystem capabilities.
I can't configure throught subsystem same as in java.security file:
{code:title=java.security}
security.provider.5=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-testPkcs
{code}
because there is no possibility in subsystem to call provider constructor with arguments (I don't mean providers configuration)
Subsystem implements provider loading in 2 steps
* create provider instance (call noargs constructor)
* optionally load configuration
But to create {{com.sun.net.ssl.internal.ssl.Provider}} in FIPS mode constructor with arguments must be called [1]
[1] http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/8u40-b25/com/sun/net/ssl/internal/ssl/Provider.java#49
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list