[Bug 56780] New: IBM Java: server.startup gives error "java.lang.IllegalArgumentException: Only TLS1.2 protocol can be enabl ed in SP800_131 strict mode"

[bugzilla]

https://issues.apache.org/bugzilla/show_bug.cgi?id=56780

            Bug ID: 56780
           Summary: IBM Java: server.startup gives error
                    "java.lang.IllegalArgumentException: Only TLS1.2
                    protocol can be enabl ed in SP800_131 strict mode"
           Product: Tomcat 7
           Version: 7.0.39
          Hardware: PC
                OS: Mac OS X 10.4
            Status: NEW
          Severity: major
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: rwa...@us.ibm.com

The problem is a change made in Tomcat 7.0.39. 

The offending code is in
org.apache.tomcat.util.net.jsse.JSSESocketFactory.{...}:

        try {
            context = SSLContext.getInstance("TLS");
            ...

            SSLServerSocket socket = (SSLServerSocket)
ssf.createServerSocket();
           ...
        } catch (NoSuchAlgorithmException e) {
            // Assume no RFC 5746 support
        } catch (KeyManagementException e) {
            // Assume no RFC 5746 support
        } catch (IOException e) {
            // Unable to determine default ciphers/protocols so use none
        }

With the IBM JVM configured for strict SP800-131a mode, the
ssf.createServerSocket() will throw an IllegalArgumentException, which is a
very bad thing to have happen in a class initializer.

IBM JRE: 6.0 (SR16) : Email me direct for the JRE if you want to test it.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org