*HI Tomcat Experts,* *I'm trying to enable fips mode in tomcat but i get these exception,*
*04-Dec-2015 00:00:34.787 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL Initializing FIPS mode...* *04-Dec-2015 00:00:34.791 SEVERE [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to initialize the SSLEngine.* * java.lang.Exception: error:2D06C06E:FIPS routines:FIPS_mode_set:fingerprint does not match* * at org.apache.tomcat.jni.SSL.fipsModeSet(Native Method)* *Steps that i have followed,* *1. Built FIPS Capable Openssl [**https://www.openssl.org/docs/UserGuide-2.0.pdf <https://www.openssl.org/docs/UserGuide-2.0.pdf>**]* *2. Installed tomcat APR and APR util [**http://stackoverflow.com/questions/34022646/how-to-make-tomcat-fips-mode-enabling <http://stackoverflow.com/questions/34022646/how-to-make-tomcat-fips-mode-enabling>* *]* *3. Installed TC-native * *Changes made in server.xml* <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" FIPSMode="on" /> <Connector port="8080" protocol="org.apache.coyote.http11.Http11AprProtocol" secure="false" SSLEnabled="false" scheme="http" URIEncoding="UTF-8" enableLookups="true" acceptCount="10" server="NA"/> *and the exception for this,* * 04-Dec-2015 00:00:34.725 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library 1.1.33 using APR version 1.5.2.* *04-Dec-2015 00:00:34.725 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].* *04-Dec-2015 00:00:34.787 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL Initializing FIPS mode...* *04-Dec-2015 00:00:34.791 SEVERE [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to initialize the SSLEngine.* * java.lang.Exception: error:2D06C06E:FIPS routines:FIPS_mode_set:fingerprint does not match* * at org.apache.tomcat.jni.SSL.fipsModeSet(Native Method)* * at org.apache.catalina.core.AprLifecycleListener.initializeSSL(AprLifecycleListener.java:329)* * at org.apache.catalina.core.AprLifecycleListener.lifecycleEvent(AprLifecycleListener.java:135)* *It works fine if i made FIPSMode="false"* *logs are attached * *please help me how to proceed on this.* *Thanks in advance.* Thanks, Nithesh On Fri, Dec 4, 2015 at 12:39 AM, Nithesh Kb <nitheshk...@gmail.com> wrote: > HI Tomcat Experts, > I'm trying to enable fips mode in tomcat but i get these exception, > > *04-Dec-2015 00:00:34.787 INFO [main] > org.apache.catalina.core.AprLifecycleListener.initializeSSL Initializing > FIPS mode...* > *04-Dec-2015 00:00:34.791 SEVERE [main] > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to > initialize the SSLEngine.* > * java.lang.Exception: error:2D06C06E:FIPS > routines:FIPS_mode_set:fingerprint does not match* > * at org.apache.tomcat.jni.SSL.fipsModeSet(Native Method)* > > *Steps that i have followed,* > *1. Built FIPS Capable Openssl* > > > Thanks, > Nithesh >
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
