问题
Currently. I have to create client application to connect IBM MQ server which only support TLS. After google a lot. I know the JDK used have to support FIPS.
Any one can help with how to set it up on Linux server?
回答1:
You're right. FIPS is not supported as default in Oracle JDK.
- Download JCE from http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
- Put the extracted jars to %JAVA_HOME%/jre/lib/security. But these jars are just interface.
- Install NSS as an FIPS implementation.
- Change your java.security provider to it.
Or you can switch to use IBM SDK will is easy to config FIPS mode, Details please refer to IBM knowledge center.
回答2:
There are a couple of other resources that would be useful here.
- TLS support with MQ 8.0.0.2 JMS is available the Oracle JRE. Blog article
- Also this page from Oracle's documentation (cited in the the above article) gives more information FIPS in Oralce JRS
来源:https://stackoverflow.com/questions/34348687/how-to-set-oracle-jdk-support-fips-mode