Hello everyone,

I have a Grails application running under Tomcat 6 on a RHEL6 box in FIPS-140 mode (install dracut-fips, disable prelink, rebuild initrd with 'dracut -f', add FIPS=1 and boot=<bootpart> to grub.conf). We require all connections be over SSL, and currently have been using the JSSE connectors. While browsers connect just fine, we've been unable to get our agent processes using gsoap to connect to our application. The error is that the Diffie-Hellman key length is too short. Specifically "error:0506706E:Diffie-Hellman routines: GENERATE_KEY:key size too smallerror:14098005:SSL routines:SSL3_SEND_CLIENT_KEY_EXCHANGE:DH lib".

Googling this seemed to point the finger at the server end, and some additional followup indicated that the stock JSSE connectors were not capable of doing longer DH key sizes, such as would be required by FIPS. We're not in a position to require an alternate JSSE provider, so this dead-ended.

I saw some notes that Tomcat *can* run in FIPS mode as of recent versions of TC6 and 7 using APR connectors with the TC native libraries. With a RHEL6.4 box in FIPS mode I was unable to get either version of Tomcat to pass the 'run-ssl-server' test. I had to play around a bit to execute mkcerts (change md5 to sha1) to get it to work, and then tweak the SSL.properties file to point at the generated certs, but then kept getting a 'This function has not been implemented on this platform' error from 'ant run-ssl-server'.

I *DID* finally get it to work, but I had to remove the line in native/src/ssl.c at line 77. This is in the SSL_TMP_KEY_INIT macro where it tries to generate the 512 bit RSA keys. Now the 'run-ssl-server' test works and I could connect. I could also get my app to run behind tomcat if I configured the APR listener *without* the FIPS=1 setting (otherwise startup still failed), and had full communications between my webserver and agent processes.

Looking at that macro and how it is used, it looks like if *any* of the RSA/DH key inits fail the entire process aborts. I would have thought it should have queried the openssl code for available RSA/DH options and tried those. Several folks that I talk with at work indicated that a 512 RSA keyset is not valid as per FIPS-140-2.

I'm inexperienced enough with web stuff in general (inherited this code) and FIPS/crypto, so I wanted to toss what I found back to this list and see if I'm not understanding something correctly.

Thank you,
Rob
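
As an added example (not part of the original post, and not Tomcat or OpenSSL code), the sketch below decodes the error text quoted in the post. It assumes the OpenSSL 1.0.x packed error-code layout (8-bit library, 12-bit function, 12-bit reason); the function and dictionary names are hypothetical.

```python
import re

# Constructed sample: the fused error text exactly as quoted in the post.
SAMPLE = ("error:0506706E:Diffie-Hellman routines: GENERATE_KEY:key size too small"
          "error:14098005:SSL routines:SSL3_SEND_CLIENT_KEY_EXCHANGE:DH lib")

# One queue entry runs from "error:<8 hex digits>:" up to the next entry or the
# end of the text, so entries that were concatenated without a separator still split.
ENTRY = re.compile(r"error:([0-9A-Fa-f]{8}):(.*?)(?=error:[0-9A-Fa-f]{8}:|$)", re.S)

# Library numbers from OpenSSL 1.0.x err.h (only the two seen in this message).
LIBS = {5: "DH", 20: "SSL"}


def unpack(code):
    """Split a packed OpenSSL 1.0.x error code into (lib, func, reason)."""
    return (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF


def parse_error_queue(text):
    """Return one dict per error-queue entry found in text, in order."""
    entries = []
    for match in ENTRY.finditer(text):
        lib, func, reason = unpack(int(match.group(1), 16))
        parts = [p.strip() for p in match.group(2).split(":", 2)]
        parts += [""] * (3 - len(parts))  # tolerate truncated entries
        entries.append({
            "lib": lib, "func": func, "reason": reason,
            "lib_name": LIBS.get(lib, "lib %d" % lib),
            "func_name": parts[1],
            "reason_text": parts[2],
            # Reason values below 64 are generic ERR_R_*_LIB codes whose value
            # is the number of the library the error was passed up from.
            "caused_by": LIBS.get(reason) if reason < 64 else None,
        })
    return entries


if __name__ == "__main__":
    for e in parse_error_queue(SAMPLE):
        print("{lib_name}: {func_name} (func {func}) reason {reason} "
              "'{reason_text}' caused_by={caused_by}".format(**e))
```

Run on the quoted string, the second entry's function name, SSL3_SEND_CLIENT_KEY_EXCHANGE, places the failure in the agent's OpenSSL library while it was building its key exchange message, and its reason value 5 marks the error as passed up from the DH library.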