Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #37384 - properly pass fips=false when checking keystore #446

Merged
merged 2 commits into from
Apr 25, 2024
Merged

Fixes #37384 - properly pass fips=false when checking keystore #446

merged 2 commits into from
Apr 25, 2024

Commits on Apr 25, 2024

  1. Fixes #37384 - properly pass fips=false when checking keystore 

    In a FIPS-enabled environment, calling `keytool -list` with a wrong
password doesn't yield an error, unless we also pass `fips=false` like
we do when creating the keystore:

    # keytool -list -keystore ./store -storepass wrong-password
    Keystore type: PKCS11
    Keystore provider: SunPKCS11-NSS-FIPS

    Your keystore contains 0 entries

Passing `fips=false` makes it correctly raise the expected exception:

    # keytool -list -keystore ./store -storepass wrong-password -J-Dcom.redhat.fips=false
    keytool error: java.io.IOException: keystore password was incorrect

Fixes: 6fea0bb
(cherry picked from commit b9667a0)
    @evgeni
    evgeni committed Apr 25, 2024
    Configuration menu
    Copy the full SHA
    841f298 View commit details
    Browse the repository at this point in the history

  2. Fix tests on EL9 

    (cherry picked from commit d7e8d4e)
    @ehelms @evgeni
    ehelms authored and evgeni committed Apr 25, 2024
    Configuration menu
    Copy the full SHA
    ca88a47 View commit details
    Browse the repository at this point in the history