Java application unexpectedly running in FIPS mode and/or crypto policies applied on RHEL 8.6

Solution In Progress - Updated -

Issue

  • The following setting in $JAVA_HOME/jre/lib/security/java.security globally disables FIPS for all Java applications in java-1.8.0-openjdk-1.8.0.332.b09-1.el8_5 but does not work in java-1.8.0-openjdk-1:1.8.0.332.b09-2.el8_6.x86_64:
security.useSystemPropertiesFile=false
  • Upgrading from java-1.8.0-openjdk-1:1.8.0.322.b06-2.el8_5.x86_64 to java-1.8.0-openjdk-1:1.8.0.332.b09-2.el8_6.x86_64, results in an exception that indicates FIPS mode is enabled. For example:
Error occured reading security configuration; nested exception is java.io.IOException: java.security.KeyStoreException: JCEKS not found

Environment

  • Red Hat Enterprise Linux (RHEL) 8.6
  • OpenJDK 8u332
  • OpenJDK 11.0.15
  • OpenJDK 17.0.3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content