#48927 Console throws IOExcpetion when trying to access the Encryption tab with FIPS mode enabled
Closed: wontfix None Opened 7 years ago by nhosoi.

Description of problem: Admin server console throws IOException when accessing Encryption Tab. This issue occurs only when SSL is enabled with FIPS mode.

Steps to Reproduce:
1. Install DS10.0 admin console and directory server packages on RHEL7.1 latest.
yum -y install redhat-ds 389-adminutil idm-console-framework
2. Create admin and directory server instances using setup-ds-admin.pl.
3. Enable FIPS mode.
modutil -dbdir /etc/dirsrv/admin-serv -fips true
modutil -dbdir /etc/dirsrv/slapd-M1 -fips true
4. Restart servers.
5. Access Encryption tab from admin server console.
Result: Success
6. Select "Enable SSL for this server" and "use this cipher family: RSA" from the Encryption tab and Save the changes.
7. Restart admin server from command line and access Encryption tab.
8. It hangs for 10 to 15 secs and throws IOException. See attachment - IOException
9. Click "OK" to clear the exception and you will see the Encryption tab hides the Cipher family option. See attachment - EncrptionTab

Actual results: Encryption tab throws IOException in FIPS/SSL mode.

Expected results: It should work with FIPS/SSL enabled mode.


This works for me on Fedora 24:

nss-3.25.0-1.2
jss-4.2.6-41
ldapjdk-4.18-18

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
- Issue set to the milestone: 389-admin,console 1.1.44

7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/1986

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Invalid)

3 years ago

Login to comment on this ticket.

Metadata