Bug 1994659
Summary: | Enable the import of plain keys into the NSS Software Token while in FIPS mode [rhel-8, openjdk-8] | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Andrew John Hughes <ahughes> | |
Component: | java-1.8.0-openjdk | Assignee: | Martin Balao <mbalao> | |
Status: | CLOSED ERRATA | QA Contact: | OpenJDK QA <java-qa> | |
Severity: | urgent | Docs Contact: | ||
Priority: | urgent | |||
Version: | 8.4 | CC: | dwojewod, jandrlik, jvanek, leiyu, mbalao, mmillson, orivat, rrelyea, ssorce, toneata | |
Target Milestone: | beta | Keywords: | Triaged, ZStream | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | java-1.8.0-openjdk-1.8.0.312.b05-0.2.ea.el8 | Doc Type: | Bug Fix | |
Doc Text: |
While in FIPS mode, the NSS Software Token does not allow the import of private or secret plain keys. This caused the OpenJDK keytool application to fail when used with OpenJDK in FIPS mode. With this update, OpenJDK will now import such keys into the NSS database. This behaviour may be disabled using -Dcom.redhat.fips.plainKeySupport=false.
|
Story Points: | --- | |
Clone Of: | ||||
: | 2014193 2014194 (view as bug list) | Environment: | ||
Last Closed: | 2022-05-10 13:35:21 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 2014193, 2014194, 2029655, 2029663 |
Description
Andrew John Hughes
2021-08-17 16:12:23 UTC
Adding Bob, he will have a better answer than I can provide. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (java-1.8.0-openjdk bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:1775 |