Bug 1821851

Summary: [RFE] Provide SSLEngine via JSSProvider for use with PKI
Product: Red Hat Enterprise Linux 8 Reporter: Alex Scheel <ascheel>
Component: jssAssignee: Alex Scheel <ascheel>
Status: CLOSED ERRATA QA Contact: PKI QE <bugzilla-pkiqe>
Severity: unspecified Docs Contact: Florian Delehaye <fdelehay>
Priority: unspecified    
Version: 8.3CC: aakkiang, fdelehay, mharmsen, skhandel
Target Milestone: rcKeywords: FutureFeature, TestCaseProvided
Target Release: 8.0Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
.JSS now provides a FIPS-compliant SSLContext Previously, Tomcat used the SSLEngine directive from the Java Cryptography Architecture (JCA) SSLContext class. The default SunJSSE implementation is not compliant with the Federal Information Processing Standard (FIPS), therefore PKI now provides a FIPS-compliant implementation via JSS.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 03:15:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1825061    

Description Alex Scheel 2020-04-07 17:50:16 UTC 
Description of problem:

Provide a SSLEngine for use with PKI via Tomcat. 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 12 Alex Scheel 2020-08-10 13:49:41 UTC 
Should we replace "Tomcat uses SSLEngine from JCA's SSLContext." -with-> "Tomcat previously used SSLEngine from JCA's SSLContext." to make it clear that it previously used it, in PKI context?

Otherwise, LGTM.
Comment 19 errata-xmlrpc 2020-11-04 03:15:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4847