Details
-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
7.4.0.GA
-
None
Description
Following instructions in "How to Configure Server Security" for 7.4, chapter "1.2.13. FIPS 140-2 Complaint Cryptography", on step 7 I end up with `keytool error: java.security.ProviderException: Could not initialize NSS`. Which is indicates that configuration is wrong and it actually does not work.
It is caused by jdk bug: https://bugs.openjdk.java.net/browse/JDK-8273548
Issue occurs on RHEL8 and later ( because RHEL7 and earlier user old dbm mode by default)
There is a workaround for this: Create empty secmod.db file in nss database directory.