[jboss-jira] [JBoss JIRA] (WFCORE-2384) Elytron subsystem is unable to configure com.sun.net.ssl.internal.ssl.Provider in FIPS mode
Darran Lofthouse (JIRA)
issues at jboss.org
Tue Mar 7 13:16:20 EST 2017
[ https://issues.jboss.org/browse/WFCORE-2384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse moved WFLY-8112 to WFCORE-2384:
------------------------------------------------
Project: WildFly Core (was: WildFly)
Key: WFCORE-2384 (was: WFLY-8112)
Component/s: Security
(was: Security)
> Elytron subsystem is unable to configure com.sun.net.ssl.internal.ssl.Provider in FIPS mode
> -------------------------------------------------------------------------------------------
>
> Key: WFCORE-2384
> URL: https://issues.jboss.org/browse/WFCORE-2384
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
>
> Trying to configure server to run in FIPS mode using subsystem capabilities.
> I can't configure throught subsystem same as in java.security file:
> {code:title=java.security}
> security.provider.5=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-testPkcs
> {code}
> because there is no possibility in subsystem to call provider constructor with arguments (I don't mean providers configuration)
> Subsystem implements provider loading in 2 steps
> * create provider instance (call noargs constructor)
> * optionally load configuration
> But to create {{com.sun.net.ssl.internal.ssl.Provider}} in FIPS mode constructor with arguments must be called [1]
> [1] http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/8u40-b25/com/sun/net/ssl/internal/ssl/Provider.java#49
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list