Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-5310

Enforce EMS in Java in FIPS mode

    XMLWordPrintable

Details

    • Story
    • Resolution: Unresolved
    • Undefined
    • None
    • rhel-9.3.0
    • crypto-policies
    • sst_security_crypto
    • ssg_security
    • False
    • Hide

      None

      Show
      None
    • Unspecified
    • If docs needed, set a value
    • Unspecified

    Description

      I've learned of jdk.tls.allowLegacyMasterSecret=false option's existence.

      Should I set it in FIPS mode? What are the downsides?
      Which of the JDK versions we ship have this option working?
      Will it be simply ignored by those that don't have it working?

      Attachments

        Activity

          People

            asosedki@redhat.com Alexander Sosedkin
            asosedki@redhat.com Alexander Sosedkin
            SSG Security QE SSG Security QE
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: