-
Bug
-
Resolution: Obsolete
-
Minor
-
None
-
7.0.0.ER6
-
None
On default domain configuration slave host controller is unable to register to master host controller. Apparently default SSLContext is created causing "java.security.KeyStoreException: FIPS mode: KeyStore must be from provider SunPKCS11-testPkcs"
See https://issues.jboss.org/browse/JBEAP-3789 for details.
Slave / master communication works OK by configuration of SSL/TLS using PKCS11 or http-remoting protocol in domain-controller/remote/discovery-options/static-discovery/protocol
<domain-controller> <remote security-realm="ManagementRealm"> <discovery-options> <static-discovery name="primary" protocol="https-remoting" host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9990}"/> </discovery-options> </remote> </domain-controller>
Is there a way remote protocol can work for slave host controller registration? Looking at remote.stacktrace, is there a way to set org.xnio.Options.SSL_STARTTLS=>false and org.xnio.Options.SSL_ENABLED=>false?
- blocks
-
JBEAP-4120 FIPS mode issues
- Resolved