Hello,
I need to implement java JDK ssl in a FIPS mode, so that my compiled java clients can connect via https to our apache server.
1) I am thinking I just need to implement a FIPS complaint java ssl configuration. I found the below link, which sounds like what I want to do, but I am still not sure how to do this... sounds like I need SunPKCS11-NSS , but where do I get this, and how do I install?
http://blogs.oracle.com/xuelei/entry/fips_140_compliant_mode_for
2) Is there a way to tell java to use only TLS for secure communciations?
When I try to implement above link, I get this:
Exception in thread "main" java.security.ProviderException: Crypto provider not installed: SunPKCS11-NSS
at com.sun.net.ssl.internal.ssl.Provider.<init>(Provider.java:130)
at com.sun.net.ssl.internal.ssl.Provider.<init>(Provider.java:113)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:243)
at java.security.AccessController.doPrivileged(Native Method)