[jboss-jira] [JBoss JIRA] (WFCORE-2384) Elytron subsystem is unable to configure com.sun.net.ssl.internal.ssl.Provider in FIPS mode
Darran Lofthouse (JIRA)
issues at jboss.org
Wed Mar 22 08:42:01 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFCORE-2384:
-------------------------------------
Fix Version/s: 3.0.0.Beta11
> Elytron subsystem is unable to configure com.sun.net.ssl.internal.ssl.Provider in FIPS mode
> -------------------------------------------------------------------------------------------
>
> Key: WFCORE-2384
> URL: https://issues.jboss.org/browse/WFCORE-2384
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 3.0.0.Beta11
>
>
> Trying to configure server to run in FIPS mode using subsystem capabilities.
> I can't configure throught subsystem same as in java.security file:
> {code:title=java.security}
> security.provider.5=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-testPkcs
> {code}
> because there is no possibility in subsystem to call provider constructor with arguments (I don't mean providers configuration)
> Subsystem implements provider loading in 2 steps
> * create provider instance (call noargs constructor)
> * optionally load configuration
> But to create {{com.sun.net.ssl.internal.ssl.Provider}} in FIPS mode constructor with arguments must be called [1]
> [1] http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/8u40-b25/com/sun/net/ssl/internal/ssl/Provider.java#49
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list