SunJSSE is configured to run in FIPS-140 compliant mode by updating the security providers in java.security configuration file following the instructions here:
When OpenDJ is run in this mode, the following error occurs when trying to login to the control panel.
Javax.naming.CommunicationException:0.0.0.0:4448[Root exception is javax.net.ssl.SSLKeyException: Failed to create SSLContext for TLSv1].
logging into dsconfig also does not work.
This was test on 2 platforms, Windows Vista and Red Hat Enterprise Linux 5.8.
Logging into the administrative control panel will work when installing OpenDJ in Windows Vista with the GUI installer. When the same installation is attempted using the equivalent CLI commands, logging in with the Administrative control panel will not work. This is the installation command used:
cli baseDN "OU=PROG,DC=35BTU,DC=pst,DC=test,DC=com" addBaseEntry ldapPort "389" adminConnectorPort "4448" rootUserDN "cn=Directory Manager" rootUserPassword "password" enableWindowsService doNotStart enableStartTLS generateSelfSignedCertificate hostName "testhost" no-prompt -noPropertiesFile
Red Hat Enterprise Linux 5.8:
On the Linux platform, logging into the control panel failed when installing with either the GUI installer or CLI installer.