Enabling FIPS for Tomcat

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Enabling FIPS for Tomcat

Amit Pande
Dear all,

The link below documents how to enable FIPS (using Bouncy Castle) for Tomcat.

https://github.com/amitlpande/tomcat-9-fips

Kindly let me know your inputs if this needs any corrections, enhancements.

Also, a request to Tomcat leads: It is possible for these steps to be part of (extended) Tomcat documentation? Even if currently it uses Bouncy Castle as FIPS JCA/JCE provider, with minor changes it would work for any other provider too (e.g. CryptoComply for Java / CCJ from Safelogic)

Thanks,
Amit

Reply | Threaded
Open this post in threaded view
|

Re: Enabling FIPS for Tomcat

markt
On 29/09/2020 16:25, Amit Pande wrote:
> Dear all,
>
> The link below documents how to enable FIPS (using Bouncy Castle) for Tomcat.
>
> https://github.com/amitlpande/tomcat-9-fips
>
> Kindly let me know your inputs if this needs any corrections, enhancements.
>
> Also, a request to Tomcat leads: It is possible for these steps to be part of (extended) Tomcat documentation? Even if currently it uses Bouncy Castle as FIPS JCA/JCE provider, with minor changes it would work for any other provider too (e.g. CryptoComply for Java / CCJ from Safelogic)

You can always create a page in the wiki. Maybe "FAQ > Security > FIPS".

You'll need to create an account and then ask (on this list is fine) for
write access.

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: [EXTERNAL] Re: Enabling FIPS for Tomcat

Amit Pande
Thank you Mark!

Will work on getting this added to the Wiki page.

Would appreciate feedback from all to confirm accuracy/usefulness.

Thanks,
Amit

-----Original Message-----
From: Mark Thomas <[hidden email]>
Sent: Tuesday, September 29, 2020 1:40 PM
To: [hidden email]
Subject: [EXTERNAL] Re: Enabling FIPS for Tomcat

On 29/09/2020 16:25, Amit Pande wrote:

> Dear all,
>
> The link below documents how to enable FIPS (using Bouncy Castle) for Tomcat.
>
> https://github.com/amitlpande/tomcat-9-fips
>
> Kindly let me know your inputs if this needs any corrections, enhancements.
>
> Also, a request to Tomcat leads: It is possible for these steps to be
> part of (extended) Tomcat documentation? Even if currently it uses
> Bouncy Castle as FIPS JCA/JCE provider, with minor changes it would
> work for any other provider too (e.g. CryptoComply for Java / CCJ from
> Safelogic)

You can always create a page in the wiki. Maybe "FAQ > Security > FIPS".

You'll need to create an account and then ask (on this list is fine) for write access.

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]