Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8217835 Remove the experimental SunJSSE FIPS compliant mode
  3. JDK-8217911

Release Note: Removal of Experimental FIPS 140 Compliant Mode from SunJSSE Provider

    XMLWordPrintable

    Details

      Description

      The experimental FIPS 140 compliant mode has been removed from the SunJSSE provider.

      Legacy applications might have used the experimental mode with one of the following approaches:
        1. Updating the `java.security` file and specifying a crypto provider for the SunJSSE provider (for example, `security.provider.4=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-NSS`)
        2. Using the JDK internal class and creating a provider with a specified crypto provider (for example, `new com.sun.net.ssl.internal.ssl.Provider(cryptoProvider);`).

      Because the SunJSSE provider uses JDK default cryptography providers, applications can configure the `security.provider` security properties to use the FIPS 140 compliant cryptography providers.

        Attachments

          Activity

            People

            Assignee:
            xuelei Xue-Lei Fan
            Reporter:
            xuelei Xue-Lei Fan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: