Bug 2014194

Summary: Enable the import of plain keys into the NSS Software Token while in FIPS mode [rhel-8, openjdk-8] [rhel-8.5.0.z]
Product: Red Hat Enterprise Linux 8 Reporter: RHEL Program Management Team <pgm-rhel-tools>
Component: java-1.8.0-openjdkAssignee: Andrew John Hughes <ahughes>
Status: CLOSED ERRATA QA Contact: OpenJDK QA <java-qa>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 8.4CC: ahughes, dwojewod, jandrlik, jvanek, leiyu, mbalao, mmillson, orivat, rrelyea, ssorce
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: java-1.8.0-openjdk-1.8.0.312.b05-0.2.ea.el8_5 Doc Type: Bug Fix
Doc Text:
While in FIPS mode, the NSS Software Token does not allow the import of private or secret plain keys. This caused the OpenJDK keytool application to fail when used with OpenJDK in FIPS mode. With this update, OpenJDK will now import such keys into the NSS database. This behaviour may be disabled using -Dcom.redhat.fips.plainKeySupport=false.
 Story Points: ---
Clone Of: 1994659 Environment:
Last Closed: 2021-11-09 20:14:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1994659    
Bug Blocks:    

Comment 11 errata-xmlrpc 2021-11-09 20:14:56 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (java-1.8.0-openjdk bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:3888