Wow Amazing worked!!! 04-Dec-2015 00:45:30.500 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library 1.1.33 using APR version 1.5.2. 04-Dec-2015 00:45:30.500 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 04-Dec-2015 00:45:30.561 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL Initializing FIPS mode... 04-Dec-2015 00:45:30.576 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL Successfully entered FIPS mode 04-Dec-2015 00:45:30.577 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized (OpenSSL 1.0.1p 9 Jul 2015) 04-Dec-2015 00:45:30.935 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-apr-8080"] 04-Dec-2015 00:45:30.973 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["ajp-apr-8009"] 04-Dec-2015 00:45:30.976 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 2308 ms
On Fri, Dec 4, 2015 at 12:47 AM, Nithesh Kb <nitheshk...@gmail.com> wrote: > *HI Tomcat Experts,* > *I'm trying to enable fips mode in tomcat but i get these exception,* > > *04-Dec-2015 00:00:34.787 INFO [main] > org.apache.catalina.core.AprLifecycleListener.initializeSSL Initializing > FIPS mode...* > *04-Dec-2015 00:00:34.791 SEVERE [main] > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to > initialize the SSLEngine.* > * java.lang.Exception: error:2D06C06E:FIPS > routines:FIPS_mode_set:fingerprint does not match* > * at org.apache.tomcat.jni.SSL.fipsModeSet(Native Method)* > > *Steps that i have followed,* > *1. Built FIPS Capable Openssl > [**https://www.openssl.org/docs/UserGuide-2.0.pdf > <https://www.openssl.org/docs/UserGuide-2.0.pdf>**]* > *2. Installed tomcat APR and APR util > [**http://stackoverflow.com/questions/34022646/how-to-make-tomcat-fips-mode-enabling > <http://stackoverflow.com/questions/34022646/how-to-make-tomcat-fips-mode-enabling>* > *]* > *3. Installed TC-native * > > *Changes made in server.xml* > > <Listener className="org.apache.catalina.core.AprLifecycleListener" > SSLEngine="on" FIPSMode="on" /> > > > <Connector > port="8080" > protocol="org.apache.coyote.http11.Http11AprProtocol" > secure="false" > SSLEnabled="false" > scheme="http" > URIEncoding="UTF-8" > enableLookups="true" > acceptCount="10" > server="NA"/> > > *and the exception for this,* > * 04-Dec-2015 00:00:34.725 INFO [main] > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR > based Apache Tomcat Native library 1.1.33 using APR version 1.5.2.* > *04-Dec-2015 00:00:34.725 INFO [main] > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR > capabilities: IPv6 [true], sendfile [true], accept filters [false], random > [true].* > *04-Dec-2015 00:00:34.787 INFO [main] > org.apache.catalina.core.AprLifecycleListener.initializeSSL Initializing > FIPS mode...* > *04-Dec-2015 00:00:34.791 SEVERE [main] > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to > initialize the SSLEngine.* > * java.lang.Exception: error:2D06C06E:FIPS > routines:FIPS_mode_set:fingerprint does not match* > * at org.apache.tomcat.jni.SSL.fipsModeSet(Native Method)* > * at > org.apache.catalina.core.AprLifecycleListener.initializeSSL(AprLifecycleListener.java:329)* > * at > org.apache.catalina.core.AprLifecycleListener.lifecycleEvent(AprLifecycleListener.java:135)* > > *It works fine if i made FIPSMode="false"* > > *logs are attached * > > *please help me how to proceed on this.* > *Thanks in advance.* > Thanks, > Nithesh > > On Fri, Dec 4, 2015 at 12:39 AM, Nithesh Kb <nitheshk...@gmail.com> wrote: > >> HI Tomcat Experts, >> I'm trying to enable fips mode in tomcat but i get these exception, >> >> *04-Dec-2015 00:00:34.787 INFO [main] >> org.apache.catalina.core.AprLifecycleListener.initializeSSL Initializing >> FIPS mode...* >> *04-Dec-2015 00:00:34.791 SEVERE [main] >> org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Failed to >> initialize the SSLEngine.* >> * java.lang.Exception: error:2D06C06E:FIPS >> routines:FIPS_mode_set:fingerprint does not match* >> * at org.apache.tomcat.jni.SSL.fipsModeSet(Native Method)* >> >> *Steps that i have followed,* >> *1. Built FIPS Capable Openssl* >> >> >> Thanks, >> Nithesh >> > >