Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8217835 Remove the experimental SunJSSE FIPS compliant mode
  3. JDK-8217911

Release Note: Removal of Experimental FIPS 140 Compliant Mode from SunJSSE Provider

XMLWordPrintable

      The experimental FIPS 140 compliant mode has been removed from the SunJSSE provider.

      Legacy applications might have used the experimental mode with one of the following approaches:
        1. Updating the `java.security` file and specifying a crypto provider for the SunJSSE provider (for example, `security.provider.4=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-NSS`)
        2. Using the JDK internal class and creating a provider with a specified crypto provider (for example, `new com.sun.net.ssl.internal.ssl.Provider(cryptoProvider);`).

      Because the SunJSSE provider uses JDK default cryptography providers, applications can configure the `security.provider` security properties to use the FIPS 140 compliant cryptography providers.

            xuelei Xuelei Fan
            xuelei Xuelei Fan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: