users@glassfish.java.net

Issue with SSL protocols in FIPS mode in enterprise profile

From: Visu Patlolla <visu_patlolla_at_yahoo.com>
Date: Thu, 12 Nov 2009 17:37:34 -0800 (PST)

I have created a glassfish domain in enterprise profile with NSS modules in FIPS

mode.

In FIPS mode, SSL should be restricted to TLS protocol and only certain ciphers
suites should be enabled.

But the current glassfish configuration is not restricting. And I am able to
perform SSL communication b/w a glassfish domain configured with TLS and
glassfish configured with SSL3.

Is there a way to restrict SSL protocols in FIPS mode? BTW I have tried changing the SSL protocols through admin console, but it is not affecting.

Any help in this regard is much appreciated?
Regards
Visu Patlolla

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com