Bug 1724250 - Make TLS 1.3 work in FIPS mode [rhel-8]
Summary: Make TLS 1.3 work in FIPS mode [rhel-8]
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: nss
Version: 8.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: 8.0
Assignee: nss-nspr-maint
QA Contact: Ivan Nikolchev
Mirek Jahoda
: 1723586 (view as bug list)
Depends On: 1809549
Blocks: 1765268 1723586 1724251 1739559
TreeView+ depends on / blocked
Reported: 2019-06-26 14:58 UTC by Hubert Kario
Modified: 2022-04-07 08:29 UTC (History)
10 users (show)

Fixed In Version: nss-3.53.1-6.el8_2
Doc Type: Known Issue
Doc Text:
.TLS 1.3 does not work in NSS in FIPS mode TLS 1.3 is not supported on systems working in FIPS mode. As a result, connections that require TLS 1.3 for interoperability do not function on a system working in FIPS mode. To enable the connections, disable the system's FIPS mode or enable support for TLS 1.2 in the peer.
Clone Of:
: 1724251 (view as bug list)
Last Closed: 2020-08-03 13:01:31 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Mozilla Foundation 1561637 0 P2 RESOLVED TLS 1.3 does not work in FIPS mode 2020-12-09 17:59:47 UTC
Red Hat Bugzilla 1709796 1 None None None 2021-01-20 06:05:38 UTC
Red Hat Issue Tracker RHELPLAN-38711 0 None None None 2022-04-07 08:29:22 UTC
Red Hat Product Errata RHSA-2020:3280 0 None None None 2020-08-03 13:02:10 UTC

Internal Links: 1709796

Description Hubert Kario 2019-06-26 14:58:18 UTC
Description of problem:
Because of compliance reasons (see bug 1709796) TLS 1.3 is unavailable in FIPS mode.

fix this issue and allow use of TLS 1.3 in FIPS mode

Comment 8 Hubert Kario 2020-03-03 16:08:29 UTC
*** Bug 1723586 has been marked as a duplicate of this bug. ***

Comment 15 errata-xmlrpc 2020-08-03 13:01:31 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.