Wildlfy app not starting: cause: ApplicationRealm is not getting intailized throwing : FIPS mode: only SunJSSE TrustManagers may be used

Creata a web application war module Create keystore/truststore as shown below keytool -genkey -alias wildflywebapp -keyalg rsa -sigalg SHA256withRSA -keysize 2048 -dname CN=<your hostname> -keystore wildflywebapp.keystore -keypass wildflywebapp@01 -storepass wildflywebapp@01 -storetype PKCS12 <JRE HOME>/bin/keytool -export -alias wildflywebapp -file wildflywebapp.cer -keystore wildflywebapp.keystore -storepass wildflywebapp@01 -storetype PKCS12 <JRE HOME>/jre/bin/keytool -import -alias wildflywebapp -file wildflywebapp.cer -noprompt -keystore wildflywebapp.truststore -storepass wildflywebapp@01 -storetype PKCS12 configure standalone-full.xml as shown below <management> <security-realm name="ApplicationRealm"> <server-identities> <ssl protocol="TLSv1.2"> <keystore path="wildflywebapp.keystore" relative-to="jboss.server.config.dir" keystore-password="wildflywebapp@01" provider="PKCS12"/> </ssl> </server-identities> <authentication> <truststore path="wildflywebapp.truststore" relative-to="jboss.server.config.dir" keystore-password="wildflywebapp@01" provider="PKCS12"/> <local default-user="$local" allowed-users="*" skip-group-loading="true"/> <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> </authentication> <authorization> <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> </authorization> </security-realm> </security-realms> Download bc-fips.jar and copy to JRE/lib/ext dir form  https://mvnrepository.com/artifact/org.bouncycastle/bc-fips/1.0.1 Create a java.security file with below contents# /dev/urandom is required for performance on Linux securerandom.source= file:/dev/./urandom java.security.egd= file:/dev/urandom crypto.policy=unlimited The list of providers required. security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider security.provider.2=com.sun.net.ssl.internal.ssl.Provider BCFIPS security.provider.3=sun.security.provider.Sun security.provider.4=com.sun.crypto.provider.SunJCE security.provider.5=sun.security.jgss.SunProvider security.provider.6=com.sun.security.sasl.Provider security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.8=sun.security.smartcardio.SunPCSC security.provider.9=com.sun.crypto.provider.SunJCE security.provider.10=com.sun.crypto.provider.SunJCE #security.provider.11=com.sun.net.ssl.internal.ssl.Provider <WILDFLY_HOME>/standalone/deployments folder and start wildlfy  with the following command  <Wildfly HOME>/bin/standalone.sh -b 0.0.0.0 -bmanagement=0.0.0.0 -c standalone-full.xml -D java.security application did not start observer below error in log  2021/08/18 02:14:18 INFO [org.jboss.as.server.deployment.scanner] WFLYDS0013: Started FileSystemDeploymentService for directory /opt/NA/server/ext/appserver/standalone/deployments 2021/08/18 02:14:18 ERROR [org.jboss.msc.service.fail] MSC000001: Failed to start service org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ApplicationRealm.ssl-context: WFLYDM0018: Unable to start service at org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:118) [wildfly-domain-management-16.0.0.Final.jar:16.0.0.Final] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) [jboss-msc-1.4.12.Final.jar:1.4.12.Final] at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) [jboss-msc-1.4.12.Final.jar:1.4.12.Final] at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) [jboss-msc-1.4.12.Final.jar:1.4.12.Final] at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1363) at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_292] Caused by: java.security.KeyManagementException: FIPS mode: only SunJSSE TrustManagers may be used at sun.security.ssl.SSLContextImpl.chooseTrustManager(SSLContextImpl.java:132) [jsse.jar:1.8.0_292] at sun.security.ssl.SSLContextImpl.engineInit(SSLContextImpl.java:94) [jsse.jar:1.8.0_292] at javax.net.ssl.SSLContext.init(SSLContext.java:282) [rt.jar:1.8.0_292] at org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:109) [wildfly-domain-management-16.0.0.Final.jar:16.0.0.Final] ... 8 more As per SSLContextIMPl implementation when FIPS is enabled https: //github .com /bpupadhyaya/openjdk-8/blob/master/jdk/src/share/classes/sun/security/ssl/SSLContextImpl .java # FIPS SSLSocketImpl says u can't override trustmanagers as TLS security lies on having certificate outgoing communication form (Wildfly app)  -> any server  so Wildfly app can understand its commuincation right server over TLS But we are trying to override  SSLContext Trustmanager Implemntaiton which is not allowed when FIPS is enabled at SSL PRovider level  https://github.com/wildfly/wildfly-core/blob/main/domain-management/src/main/java/org/jboss/as/domain/management/security/SSLContextService.java }}{{