FIPS-related jagtool commands  Troubleshooting

Chapter 9: Using TLS and FIPS in EAServer

FIPS mode for Java-side cryptography usage

Java clients using the Java Secure Socket Extension (JSSE) to establish a SSL connection should use a FIPS-approved JSSE provider. EAServer SSL client runtime is not a JSSE provider.

Java clients and components that utilize a Java Cryptography Extension (JCE) provider should install a FIPS-enabled JCE provider to operate in a FIPS 140 mode. Further, Java components hosted in EAServer that also use a JCE provider should install a FIPS-enabled FIPS provider.

EAServer does not invoke native (Java language) cryptographic functionality directly. The SSL functions provided by the EAServer Java runtime is implemented in C. If there is any Java code in EAServer that invokes a JCE provider, or JSSE, a FIPS-enabled JCE provider must be installed in the JDK/JRE used by EAServer.

Copyright © 2005. Sybase Inc. All rights reserved. Troubleshooting