Can not connect to sqlserver with Bouncy Castle Fips Provider using to run the JSSE in FIPS mod
Question
I am in Java 8 v102, using sqljdbc42.jar and jtds-1.3.1.jar to connect to SQL Server 2008 in FIPS mode. I configured my Java with https:\/\/www.bouncycastle.org\/fips\/BCUserGuide.pdf<\/a> , but I am getting the below error. How can I resolve this?
Error: "FIPS mode: only SunJSSE TrustManagers may be used".
1 answers
solution1
0 2022-02-05 16:14:59
FIPS Mode doesn't allow TrustManager/KeyManager implementation from third-party sources, only SunJSSE KeyManager/TrustManager are supported which are instance of X509TrustManagerImpl/X509KeyManagerImpl .
I overcame this in postgres jdbc where it allowed me to pass custom sslFactory so I passed org.postgresql.ssl.DefaultJavaSSLFactory which in turn will prevent postgres to send it's own KeyManager implementation and will delegate the process to Java to provide with right KeyManager instance.
In other jdbc drivers, you may need to find same configuration to overcome this.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.