Postgres Pro
Downloads
Home   >   mailing lists

Re: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256) - Mailing list pgsql-jdbc

From Dave Cramer
Subject Re: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)
Date
Msg-id CADK3HHJwLx+SkAaxFZO67Asb65opWdN+C4qmJzrKdgwCdtHaJA@mail.gmail.com
Whole thread Raw
In response to RE: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)  ("McDermott, Becky" <bmcderm@sandia.gov>)
Responses RE: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)  ("McDermott, Becky" <bmcderm@sandia.gov>)
List pgsql-jdbc
Tree view
Becky,


On Tue, 29 Mar 2022 at 10:26, McDermott, Becky <bmcderm@sandia.gov> wrote:

>> From: Dave Cramer <davecramer@postgres.rocks>
>> Sent: Monday, March 28, 2022 9:04 AM
>> Honestly I don't know. What I would do is try this on a redhat machine (not in a docker container) to start with. If that fails then you have somewhere to start.

I rebuilt my container using “FROM openjdk:11” and deployed my test application to our Kubernetes cluster.  Now when I look at the pod logs, I can see that it is successfully connecting:

About to try connecting to postreSQL database ...
Connected to the PostgreSQL server successfully
Successfully connected to the database!!  Try running a query
Inside main - about to enter a long loop
Looping a set number of times ... Loop Iteration:  1
Looping a set number of times ... Loop Iteration:  2
Looping a set number of times ... Loop Iteration:  3
Looping a set number of times ... Loop Iteration:  4

So openjdk:11 appears to have the cryptography libraries in the JVM.  Now we can figure out what is missing from our Iron Bank base image.

Thank you so much everyone for your help.  I believe we are on the right track to getting our application running on FIPS enabled hosts.

I really appreciate everyone’s input.


Please post your findings here. We really appreciate it when people find a solution and post the solution so that others can benefit.

Regards,

Dave

pgsql-jdbc by date:

Previous
From: "McDermott, Becky"
Date:
Subject: RE: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)
Next
From: "McDermott, Becky"
Date:
Subject: RE: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)