Java application experiences 'FileNotFoundException: secmod.db' starting with FIPS
Issue
- Trying to start our java application with FIPS, we see the following error:
java.security.ProviderException: Could not initialize NSS
at jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:222)
at jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11$1.run(SunPKCS11.java:117)
at jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11$1.run(SunPKCS11.java:114)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11.configure(SunPKCS11.java:114)
at java.base/sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:251)
at java.base/sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:242)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:242)
at java.base/sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:222)
at java.base/sun.security.jca.ProviderList.getProvider(ProviderList.java:266)
at java.base/sun.security.jca.ProviderList.getService(ProviderList.java:379)
...
Caused by: java.io.FileNotFoundException: /path/to/nssdb/secmod.db
at jdk.crypto.cryptoki/sun.security.pkcs11.Secmod.initialize(Secmod.java:223)
at jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:217)
... 36 common frames omitted
Environment
- Red Hat Enterprise Linux 8
- OpenJDK
- FIPS
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
