Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-518

Cannot log in to the administrative control panel with FIPS-140 enabled in certain cases


    • Type: Bug
    • Status: Done
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 2.4.4
    • Fix Version/s: 6.0.0
    • Component/s: tools
    • Labels:
    • Environment:
      Windows Vista, Red Hat Enterprise Linux 5.8, JDK 6 update 32


      SunJSSE is configured to run in FIPS-140 compliant mode by updating the security providers in java.security configuration file following the instructions here:

      When OpenDJ is run in this mode, the following error occurs when trying to login to the control panel.

      Javax.naming.CommunicationException:[Root exception is javax.net.ssl.SSLKeyException: Failed to create SSLContext for TLSv1].

      logging into dsconfig also does not work.

      This was test on 2 platforms, Windows Vista and Red Hat Enterprise Linux 5.8.

      Windows Vista:

      Logging into the administrative control panel will work when installing OpenDJ in Windows Vista with the GUI installer. When the same installation is attempted using the equivalent CLI commands, logging in with the Administrative control panel will not work. This is the installation command used:

      setup.bat -cli baseDN "OU=PROG,DC=35BTU,DC=pst,DC=test,DC=com" addBaseEntry ldapPort "389" adminConnectorPort "4448" rootUserDN "cn=Directory Manager" rootUserPassword "password" enableWindowsService doNotStart enableStartTLS generateSelfSignedCertificate hostName "testhost" no-prompt -noPropertiesFile

      Red Hat Enterprise Linux 5.8:

      On the Linux platform, logging into the control panel failed when installing with either the GUI installer or CLI installer.




            • Assignee:
              matthew Matthew Swift
              brianjthomas85 brianjthomas85
              Dev Assignee:
              Matthew Swift
            • Votes:
              1 Vote for this issue
              3 Start watching this issue


              • Created: