You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi @karianna, below is what we are getting in our PingFederate server:
JFI, we are moving from Oracle java8 to open jdk 11 in our Pingfederate servers. There, PingFed's certs/keys (private) are stored in 3rd party HSM tool : safenet Luna. Now when we are trying to use the open jdk 11 , our PF servers is unable to drive the keys from HSM (The key used for server SSL cert , the key used to communicate to user data store(Microsoft AD), and all other private keys store in HSM.
This has been checked by our Ping Vendor and also from HSM provider(Safenet luna), they indicated that its something in the open jdk's java security which is creating the issue.
Hi @karianna, below is what we are getting in our PingFederate server:
JFI, we are moving from Oracle java8 to open jdk 11 in our Pingfederate servers. There, PingFed's certs/keys (private) are stored in 3rd party HSM tool : safenet Luna. Now when we are trying to use the open jdk 11 , our PF servers is unable to drive the keys from HSM (The key used for server SSL cert , the key used to communicate to user data store(Microsoft AD), and all other private keys store in HSM.
This has been checked by our Ping Vendor and also from HSM provider(Safenet luna), they indicated that its something in the open jdk's java security which is creating the issue.
Please provide a brief summary of the bug
Compatibility issue with adoption jdk due to T12KeyAgreement (TLS v1.2) implementation
OpenJDK 1.8:
ECDHE("ecdhe", ECDHKeyExchange.poGenerator, ECDHKeyExchange.ecdheKAGenerator)
Adomptium JDK 11:
ECDHE("ecdhe", ECDHKeyExchange.poGenerator, ECDHKeyExchange.ecdheXdhKAGenerator)
The use of a different SSL key agreement generator might be the cause for JDK 11 calling Luna for key derivation while JDK 1.8 does not.
Due to this our application is failing.
Did you test with the latest update version?
Please provide steps to reproduce where possible
No response
Expected Results
NA
Actual Results
NA
What Java Version are you using?
jdk11.0.23+9 for linux 64
What is your operating system and platform?
RHEL 7.9
How did you install Java?
No response
Did it work before?
No response
Did you test with other Java versions?
No response
Relevant log output
No response
The text was updated successfully, but these errors were encountered: