Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Undefined
Fix Version/s: None
Affects Version/s: rhel-9.0.0
Component/s: java-1.8.0-openjdk
Labels:

Regression:
None
Severity:
None
Epic Link:
RHELPLAN-104921

AssignedTeam:
rhel-sst-java

Story Points:
None
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Release Note Type:
If docs needed, set a value

Experience:
Architecture:

Unspecified
Bugzilla Bug:
RHBZ: 2029668

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None
Internal Target Milestone numeric:
57,005

This bug was initially created as a copy of Bug #2020290

I am copying this bug because:

RHEL 9 needs to be kept in sync.

When OpenJDK runs on a FIPS-configured system, TLS 1.3 (implemented in the SunJSSE security provider) is disabled both on the server and client sides (RH1860986). The reason is that the PKCS#11 key derivation mechanism for TLS 1.3 is not supported in the SunPKCS11 security provider; and the SunJSSE code for key derivation would require to import plain secret keys into an NSS Software Token (blocked by RH1991003).

The goal of this task is to implement a solution to re-enable TLS 1.3 on both server and client sides when OpenJDK runs in FIPS mode.

is blocked by

RHEL-3425 Enable the export of keys in plain from the NSS Software Token while in FIPS mode [rhel-9, openjdk-8]

Closed

external trackers

openjdk bug system JDK-8278640

Red Hat Issue Tracker RHELPLAN-104933

Assignee:: Martin Balao

Reporter:: Andrew Hughes

Developer:: Martin Balao

QA Contact:: David Kutalek

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2023/09/12 10:13 PM

Updated:: 2025/03/14 4:35 PM

Resolved:: 2025/03/14 4:35 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide