2 Replies Latest reply: Aug 10, 2011 10:41 PM by 830591

    SSLv2Hello support with SunPKCS11/NSS in FIPS mode

    843811
      Does anyone know if there is a way to enable support for SSLv2Hello when the JRE is configured to use a FIPS crypto module?

      I have an NSS database running in FIPS mode, plugged into my JRE via the following lines in my java.security file:
      security.provider.1=sun.security.pkcs11.SunPKCS11 C:/nss-pkcs11-test/nss-pkcs11.cfg
      security.provider.4=com.sun.net.ssl.internal.ssl.Provider SunPKCS11-NSSFIPS
      nss-pkcs11.cfg:
      name=NSSFIPS
      nssLibraryDirectory=C:\nss-3.11.4\lib
      nssSecmodDirectory=C:\nss-pkcs11-test
      nssDbMode=readOnly
      nssModule=fips
      and keystore/truststore config in the SSL connector in Tomcat's server.xml:
          <!-- TEST NSS PKCS11 MODULE -->
          <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                     maxThreads="150" scheme="https" secure="true"
                     keystoreFile=""
                     keystoreType="PKCS11"
                     keystoreProvider="SunPKCS11-NSSFIPS"
                     keystorePass="nsspassword"
                     truststoreFile=""
                     truststoreType="PKCS11"
                     truststoreProvider="SunPKCS11-NSSFIPS"
                     truststorePass="nsspassword"
                     clientAuth="true" sslProtocol="TLS" />
      I've tried setting -Dhttps.protocols=TLSv1,SSLv2Hello, but that doesn't seem to make any difference. Currently the only way I can get things working is to disable SSLv2 in the browser, which is less than ideal in terms of user base support. Without SSLv2 disabled in the browser, I see the following error in my logs and am unable to establish the SSL connection with the server:

      http-8443-1, handling exception: javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled

      I understand that SSLv2 is not (and should not be) supported in FIPS mode, but it seems like when you have a browser client that supports TLS but sends an SSLv2Hello by default, the server (in my case, Tomcat 6 using the aforementioned JRE) should be smart enough to renegotiate the connection to TLS.

      Any thoughts would be appreciated!
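
Added example, not part of the original post and not code from the JRE, NSS or Tomcat: a small parser that tells an SSLv2-format ClientHello envelope apart from a TLS record and reports the highest protocol version the client offers, which is how to confirm from a packet capture what a browser is actually sending. The function name and both byte samples are constructed for illustration.

```python
import struct

# (major, minor) wire versions mapped to protocol names
VERSIONS = {(0, 2): "SSLv2", (3, 0): "SSLv3", (3, 1): "TLSv1",
            (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}


def classify_client_hello(data: bytes) -> dict:
    """Classify the first record a client sends to a TLS port."""
    if len(data) < 11:
        raise ValueError("need at least 11 bytes of the first record")
    # SSLv2-format envelope: 2-byte length with the high bit set, then
    # msg-type 1 (CLIENT-HELLO) and the highest version the client offers.
    if data[0] & 0x80 and data[2] == 0x01:
        rec_len = struct.unpack(">H", data[:2])[0] & 0x7FFF
        cs_len, sid_len, ch_len = struct.unpack(">HHH", data[5:11])
        if rec_len != 9 + cs_len + sid_len + ch_len or cs_len % 3:
            raise ValueError("inconsistent SSLv2-format lengths")
        if len(data) < 2 + rec_len:
            raise ValueError("truncated record")
        # Cipher specs are 3 bytes each; TLS suites appear as 00 xx yy.
        specs = [data[11 + i:14 + i].hex() for i in range(0, cs_len, 3)]
        return {"format": "SSLv2Hello",
                "offered": VERSIONS.get((data[3], data[4]), "unknown"),
                "cipher_specs": specs}
    # SSLv3/TLS record: type 22 (handshake), record version, 2-byte length,
    # then handshake type 1 (ClientHello), 3-byte length, client_version.
    if data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return {"format": "TLS record",
                "offered": VERSIONS.get((data[9], data[10]), "unknown"),
                "cipher_specs": None}
    raise ValueError("not a ClientHello")


# Constructed samples (not captured traffic); both offer TLS 1.0 (0x0301).
V2_SAMPLE = bytes.fromhex("801f" "01" "0301" "0006" "0000" "0010"
                          "00002f" "00000a") + bytes(16)
TLS_SAMPLE = (bytes.fromhex("160301002d" "01000029" "0301") + bytes(32)
              + bytes.fromhex("00" "0002" "002f" "0100"))

if __name__ == "__main__":
    for name, sample in (("v2 envelope", V2_SAMPLE), ("TLS record", TLS_SAMPLE)):
        print(name, classify_client_hello(sample))
```

The first sample is reported as format `SSLv2Hello` while offering `TLSv1`: the envelope format and the protocol version the client is willing to negotiate are separate fields.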