Console throws IOExcpetion when trying to access the Encryption tab with FIPS mode enabled

[389-ds-bot]

Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/48927

• Created at 2016-07-16 04:38:42 by nhosoi (@nhosoi)
• Closed as Invalid
• Assigned to mreynolds (@mreynolds389)
• Associated bugzillas
  • https://bugzilla.redhat.com/show_bug.cgi?id=1229689

---

Description of problem: Admin server console throws IOException when accessing Encryption Tab. This issue occurs only when SSL is enabled with FIPS mode.

Steps to Reproduce:

1. Install DS10.0 admin console and directory server packages on RHEL7.1 latest.
   yum -y install redhat-ds 389-adminutil idm-console-framework
2. Create admin and directory server instances using setup-ds-admin.pl.
3. Enable FIPS mode.
   modutil -dbdir /etc/dirsrv/admin-serv -fips true
   modutil -dbdir /etc/dirsrv/slapd-M1 -fips true
4. Restart servers.
5. Access Encryption tab from admin server console.
   Result: Success
6. Select "Enable SSL for this server" and "use this cipher family: RSA" from the Encryption tab and Save the changes.
7. Restart admin server from command line and access Encryption tab.
8. It hangs for 10 to 15 secs and throws IOException. See attachment - IOException
9. Click "OK" to clear the exception and you will see the Encryption tab hides the Cipher family option. See attachment - EncrptionTab

Actual results: Encryption tab throws IOException in FIPS/SSL mode.

Expected results: It should work with FIPS/SSL enabled mode.

[389-ds-bot]

Comment from mreynolds (@mreynolds389) at 2016-08-22 20:06:51

This works for me on Fedora 24:

nss-3.25.0-1.2
jss-4.2.6-41
ldapjdk-4.18-18

[389-ds-bot]

Comment from mreynolds (@mreynolds389) at 2017-02-11 23:10:33

Metadata Update from @mreynolds389:

• Issue assigned to mreynolds389
• Issue set to the milestone: 389-admin,console 1.1.44