Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-4091

Support Keycloak instance to run on FIPS enabled OpenShift cluster


    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • None
    • None
    • False
    • None
    • False
    • Not Selected

      1. Proposed title of this feature request
      Support Keycloak instance to run on FIPS enabled OpenShift cluster

      2. Who is the customer behind the request?
      Confirmed Stateside Support on behalf of the customer below:
          2a. Account: name and account # <- please include both
                Customer Name: Lawrence Livermore National Laboratory
                Red Hat account number: 7006439

      3. What is the nature and description of the request?
      Add support for a Keycloak instance to run on a FIPS enabled OpenShift cluster

      4. Why does the customer need this? (List the business requirements here)
      For an additional layer of security hardening and it is a requirement of US Federal customers that our products can be used in a FIPS enabled environment.

      5. How would the customer like to achieve this? (List the functional requirements here) Install keycloak on FIPS enabled OpenShift cluster

      6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented. Configure keycloak.yaml and install rhsso-operator

      7. Is there already an existing RFE upstream ? We see RFE https://issues.redhat.com/browse/KEYCLOAK-18481 was denied. Opening a support case on behalf of the customer to increase interest for this RFE.

      8. Does the customer have any specific timeline dependencies? No

      9. Which release would they like to target (i.e. RHEL 7, RHEL 8)?
      OCP 4.12.10, RHEL 8

      10. Is the sales team involved in this request and do they have any additional input? No, but this customer has assisted with RFEs in the past.

      11. List any affected packages or components.
      keycloak, fips, rh-sso, rhsso-operator

            rhn-support-igueye Issa Gueye
            rhn-support-mmarkand Mridul Markandey
            1 Vote for this issue
            3 Start watching this issue