java.security.NoSuchAlgorithmException: PKCS11 KeyStore not available, Trying to Enable FIPS mode using...












4















I'm trying to enable FIPS mode using SUNPKCS11 with NSS in Java 11. I got this exception java.security.NoSuchAlgorithmException: PKCS11 KeyStore not available.



When I tried to enable FIPS in Java 8 it works fine but doing the same in Java 11 throws the exception.



The initialization of SUNPKCS11 changed from Java 8 to Java 11.



In Java 8:



  Provider provider = Security.getProvider("SunPKCS11");      

  provider.configure(nssConfigFile);


Java 11:



  Provider provider = new sun.security.pkcs11.SunPKCS11(nssConfigFile);

  Security.addProvider(nssProvider);


After the initialization of SUNPKCS11 with config file, I'm trying to get the provider from the keystore as below.

One more thing is when I initialized the SUNPKCS11, it's Provider.id.info is set to
Unconfigured and unusable PKCS11 provider , Does this has some thing to do with?



KeyStore.getInstance("SUNPKCS11");


Then here I didn't have the PKCS11 in keystore.



My config file content look as below: 



  name=nss-client   

  nssLibraryDirectory=X:XXXNSSlib   

  nssSecmodDirectory=X:XXXNSSdb   

  nssModule=fips


Do I need to change something in the config file contents or is it a bug in Java 11?



Please help me with the valuable suggestions.






java fips java-11 nss sunpkcs11







share|improve this question























  • Did you take a look at SunPKCS11 provider in Java 9 ?

    – nullpointer
    Nov 20 '18 at 17:14











  • yeah but i didn't get what you are trying to mention. Do I need to pass the config params and string rather than passing file or mention the slot id?

    – N V
    Nov 20 '18 at 18:10






  • 1





    Thanks, it helped. I need to assign the return provider from configure method.

    – N V
    Nov 28 '18 at 16:11
















4















I'm trying to enable FIPS mode using SUNPKCS11 with NSS in Java 11. I got this exception java.security.NoSuchAlgorithmException: PKCS11 KeyStore not available.



When I tried to enable FIPS in Java 8 it works fine but doing the same in Java 11 throws the exception.



The initialization of SUNPKCS11 changed from Java 8 to Java 11.



In Java 8:



  Provider provider = Security.getProvider("SunPKCS11");      

  provider.configure(nssConfigFile);


Java 11:



  Provider provider = new sun.security.pkcs11.SunPKCS11(nssConfigFile);

  Security.addProvider(nssProvider);


After the initialization of SUNPKCS11 with config file, I'm trying to get the provider from the keystore as below.

One more thing is when I initialized the SUNPKCS11, it's Provider.id.info is set to
Unconfigured and unusable PKCS11 provider , Does this has some thing to do with?



KeyStore.getInstance("SUNPKCS11");


Then here I didn't have the PKCS11 in keystore.



My config file content look as below: 



  name=nss-client   

  nssLibraryDirectory=X:XXXNSSlib   

  nssSecmodDirectory=X:XXXNSSdb   

  nssModule=fips


Do I need to change something in the config file contents or is it a bug in Java 11?



Please help me with the valuable suggestions.






java fips java-11 nss sunpkcs11







share|improve this question























  • Did you take a look at SunPKCS11 provider in Java 9 ?

    – nullpointer
    Nov 20 '18 at 17:14











  • yeah but i didn't get what you are trying to mention. Do I need to pass the config params and string rather than passing file or mention the slot id?

    – N V
    Nov 20 '18 at 18:10






  • 1





    Thanks, it helped. I need to assign the return provider from configure method.

    – N V
    Nov 28 '18 at 16:11














4












4








4








I'm trying to enable FIPS mode using SUNPKCS11 with NSS in Java 11. I got this exception java.security.NoSuchAlgorithmException: PKCS11 KeyStore not available.



When I tried to enable FIPS in Java 8 it works fine but doing the same in Java 11 throws the exception.



The initialization of SUNPKCS11 changed from Java 8 to Java 11.



In Java 8:



  Provider provider = Security.getProvider("SunPKCS11");      

  provider.configure(nssConfigFile);


Java 11:



  Provider provider = new sun.security.pkcs11.SunPKCS11(nssConfigFile);

  Security.addProvider(nssProvider);


After the initialization of SUNPKCS11 with config file, I'm trying to get the provider from the keystore as below.

One more thing is when I initialized the SUNPKCS11, it's Provider.id.info is set to
Unconfigured and unusable PKCS11 provider , Does this has some thing to do with?



KeyStore.getInstance("SUNPKCS11");


Then here I didn't have the PKCS11 in keystore.



My config file content look as below: 



  name=nss-client   

  nssLibraryDirectory=X:XXXNSSlib   

  nssSecmodDirectory=X:XXXNSSdb   

  nssModule=fips


Do I need to change something in the config file contents or is it a bug in Java 11?



Please help me with the valuable suggestions.






java fips java-11 nss sunpkcs11







share|improve this question














I'm trying to enable FIPS mode using SUNPKCS11 with NSS in Java 11. I got this exception java.security.NoSuchAlgorithmException: PKCS11 KeyStore not available.



When I tried to enable FIPS in Java 8 it works fine but doing the same in Java 11 throws the exception.



The initialization of SUNPKCS11 changed from Java 8 to Java 11.



In Java 8:



  Provider provider = Security.getProvider("SunPKCS11");      

  provider.configure(nssConfigFile);


Java 11:



  Provider provider = new sun.security.pkcs11.SunPKCS11(nssConfigFile);

  Security.addProvider(nssProvider);


After the initialization of SUNPKCS11 with config file, I'm trying to get the provider from the keystore as below.

One more thing is when I initialized the SUNPKCS11, it's Provider.id.info is set to
Unconfigured and unusable PKCS11 provider , Does this has some thing to do with?



KeyStore.getInstance("SUNPKCS11");


Then here I didn't have the PKCS11 in keystore.



My config file content look as below: 



  name=nss-client   

  nssLibraryDirectory=X:XXXNSSlib   

  nssSecmodDirectory=X:XXXNSSdb   

  nssModule=fips


Do I need to change something in the config file contents or is it a bug in Java 11?



Please help me with the valuable suggestions.






java fips java-11 nss sunpkcs11




java fips java-11 nss sunpkcs11






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 20 '18 at 16:55









N VN V

214




214













  • Did you take a look at SunPKCS11 provider in Java 9 ?

    – nullpointer
    Nov 20 '18 at 17:14











  • yeah but i didn't get what you are trying to mention. Do I need to pass the config params and string rather than passing file or mention the slot id?

    – N V
    Nov 20 '18 at 18:10






  • 1





    Thanks, it helped. I need to assign the return provider from configure method.

    – N V
    Nov 28 '18 at 16:11



















  • Did you take a look at SunPKCS11 provider in Java 9 ?

    – nullpointer
    Nov 20 '18 at 17:14











  • yeah but i didn't get what you are trying to mention. Do I need to pass the config params and string rather than passing file or mention the slot id?

    – N V
    Nov 20 '18 at 18:10






  • 1





    Thanks, it helped. I need to assign the return provider from configure method.

    – N V
    Nov 28 '18 at 16:11

















Did you take a look at SunPKCS11 provider in Java 9 ?

– nullpointer
Nov 20 '18 at 17:14





Did you take a look at SunPKCS11 provider in Java 9 ?

– nullpointer
Nov 20 '18 at 17:14













yeah but i didn't get what you are trying to mention. Do I need to pass the config params and string rather than passing file or mention the slot id?

– N V
Nov 20 '18 at 18:10





yeah but i didn't get what you are trying to mention. Do I need to pass the config params and string rather than passing file or mention the slot id?

– N V
Nov 20 '18 at 18:10




1




1





Thanks, it helped. I need to assign the return provider from configure method.

– N V
Nov 28 '18 at 16:11





Thanks, it helped. I need to assign the return provider from configure method.

– N V
Nov 28 '18 at 16:11












0






active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53397862%2fjava-security-nosuchalgorithmexception-pkcs11-keystore-not-available-trying-to%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53397862%2fjava-security-nosuchalgorithmexception-pkcs11-keystore-not-available-trying-to%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to change which sound is reproduced for terminal bell?

Image
3 Recently upgrade to 18.10 from 18.04, and using the terminal is becoming annoying: the new alert sound is a drip ( /usr/share/sounds/gnome/default/alerts/drip.ogg ), and the previous one is still located at ( /usr/share/sounds/ubuntu/stereo/bell.ogg ). My issue is that at the gnome-terminal, when autocompleting or pressing left BOTH sounds are reproduced, at the same time. I want to just have ubuntu/stereo/bell.ogg active, not both . At the moment I have been only able to reduce the volume of the alerts (but still both are played), or turn the alerts down (but I dislike both "solutions"). gnome-terminal 18.10 teminal-bell share | improve this question
Read more

Title Spacing in Bjornstrup Chapter, Removing Chapter Number From Contents

Image
up vote 5 down vote favorite 2 I would like to make it so that the vertical space below the title of each chapter is the same when using the Bjornstrup package (i.e. so that the descenders do not affect the spacing - as shown by the red arrow in the picture below). I think I'm fairly happy with the spacing around "A chapter", so I'd really like titles without descenders (e.g. "Contents") to have the same vertical spacing as "A chapter" below the title. I would also like to remove the large "0" in the contents title. Any help appreciated, as always. documentclass[11pt,a4paper]{book} % Packages[![enter image description here][1]][1] usepackage[left=3.5cm, right=3.5cm, top=4.3cm, bottom=4.25cm]{geometry} usepackage[utf8]{inputenc} usepackage{libertine} usepackage[libertine]{newtx
Read more

Can I use Tabulator js library in my java Spring + Thymeleaf project?

Image
0 I want to add Tabulator js to my java project. I added tabulator.min.js, tabulator.min.css to resources folder. After that added to my html page these dependencies as recommending in readme.md. <link rel="stylesheet" th:href="@{/css/tabulator.min.css}"> <script type="text/javascript" th:src="@{/js/tabulator.min.js}"></script> Now my tables view all elements, that I have in the html page, but not correct. In the documentation of Tabulator is example how to create header and table, var table = new Tabulator("#example-table", { columns:[ {title:"Name", field:"name", sorter:"string", width:200, editor:true}, {title:"Age", field:"age", sorter:"
Read more