<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 22:32:27 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[KEYCLOAK-7] Troubleshoot running Keycloak in FIPS mode</title>
                <link>https://folio-org.atlassian.net/browse/KEYCLOAK-7</link>
                <project id="10272" key="KEYCLOAK">folio-keycloak</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Overview&quot;&gt;&lt;/a&gt;Overview&lt;/h2&gt;

&lt;p&gt;Work with FSE (&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5d40178c4ab9030da141f4c5&quot; class=&quot;user-hover&quot; rel=&quot;5d40178c4ab9030da141f4c5&quot; data-account-id=&quot;5d40178c4ab9030da141f4c5&quot; accountid=&quot;5d40178c4ab9030da141f4c5&quot; rel=&quot;noreferrer&quot;&gt;Maksym Sinichenkom&lt;/a&gt;) to troubleshoot running Keycloak in FIPS mode.  &lt;/p&gt;

&lt;h2&gt;&lt;a name=&quot;Scope&quot;&gt;&lt;/a&gt;Scope&lt;/h2&gt;

&lt;p&gt;Collaborate/brainstorm with Eureka and DevOps to get Keycloak stable in FIPS mode.&lt;/p&gt;

&lt;h2&gt;&lt;a name=&quot;Notes&quot;&gt;&lt;/a&gt;Notes &lt;/h2&gt;

&lt;p&gt;Keycloak FIPS 140-2 support: &lt;a href=&quot;https://www.keycloak.org/server/fips#_keycloak_server_in_fips_mode_in_containers&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://www.keycloak.org/server/fips#_keycloak_server_in_fips_mode_in_containers&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Work done by &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=712020%3A72e9e005-8aea-4bc1-9fcc-65e108c2d39b&quot; class=&quot;user-hover&quot; rel=&quot;712020:72e9e005-8aea-4bc1-9fcc-65e108c2d39b&quot; data-account-id=&quot;712020:72e9e005-8aea-4bc1-9fcc-65e108c2d39b&quot; accountid=&quot;712020:72e9e005-8aea-4bc1-9fcc-65e108c2d39b&quot; rel=&quot;noreferrer&quot;&gt;Oleksandr Oliinyk&lt;/a&gt; to enable FIPS: &lt;a href=&quot;https://github.com/folio-org/folio-keycloak/pull/3&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org/folio-keycloak/pull/3&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Conversation in &lt;a href=&quot;https://teams.microsoft.com/l/message/19:ad59bf521769457cbd4263ed9cc117dc@thread.tacv2/1706714519756?tenantId=50fa36ca-7dd3-44f1-9e3f-1bf39a3963a5&amp;amp;groupId=6dc0bd10-621a-49bd-a367-fdad85f0a06a&amp;amp;parentMessageId=1706714519756&amp;amp;teamName=Eureka%20FSE%20Testing&amp;amp;channelName=FSE%20Experiments&amp;amp;createdTime=1706714519756&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;Teams&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;See also:  &lt;a href=&quot;https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#switching-the-system-to-fips-mode_using-the-system-wide-cryptographic-policies&quot; title=&quot;smart-link&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#switching-the-system-to-fips-mode_using-the-system-wide-cryptographic-policies&lt;/a&gt; &lt;/p&gt;

&lt;h2&gt;&lt;a name=&quot;%C2%A0AcceptanceCriteria&quot;&gt;&lt;/a&gt;&#160;Acceptance Criteria&lt;/h2&gt;

&lt;ul&gt;
	&lt;li&gt;FSE is able to successfully deploy Keycloak running in FIPS mode in the cloud (on the hardened AMI)&lt;/li&gt;
&lt;/ul&gt;
</description>
                <environment></environment>
        <key id="82666">KEYCLOAK-7</key>
            <summary>Troubleshoot running Keycloak in FIPS mode</summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10000" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p1.svg">P1</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="557058:de4eac47-6d4e-4b50-9c3c-4a82ed705e52">Taras Spashchenko</assignee>
                                                                <reporter accountid="5cf6c546b87c300f36eb7b9a">Craig McNally</reporter>
                                    <labels>
                            <label>back-end</label>
                            <label>epam-eureka</label>
                            <label>eureka-phase4</label>
                    </labels>
                <created>Mon, 5 Feb 2024 13:43:50 +0000</created>
                <updated>Wed, 7 Feb 2024 13:07:55 +0000</updated>
                            <resolved>Wed, 7 Feb 2024 13:07:54 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>3</watches>
                                                                <comments>
                                                            <comment id="199736" author="5d40178c4ab9030da141f4c5" created="Tue, 6 Feb 2024 13:45:32 +0000"  >&lt;p&gt;Used same docker image - form folio-keycloak master branch. For regular deployment (evrk) it works fine but for Hardened image used for LoC getting an error during keystore generation&lt;/p&gt;

&lt;div class=&quot;preformatted panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;preformattedContent panelContent&quot;&gt;
&lt;pre&gt;Exception in thread &quot;main&quot; java.lang.IllegalAccessError: class org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider$CoreSecureRandom (in unnamed module @0x1b1f5012) cannot access class sun.security.provider.SecureRandom (in module java.base) because module java.base does not export sun.security.provider to unnamed module @0x1b1f5012&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10008">
                    <name>Defines</name>
                                            <outwardlinks description="defines">
                                        <issuelink>
            <issuekey id="13754">UXPROD-4605</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10149"><![CDATA[Eureka]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10063" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>PO Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10106" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>RCA Group</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10367"><![CDATA[TBD]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i097d3:j</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="231">Eureka Sprint 45</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10044" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 6 Feb 2024 13:45:32 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>