Re: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)

Becky,

On Tue, 29 Mar 2022 at 10:26, McDermott, Becky <bmcderm(at)sandia(dot)gov> wrote:

> >> *From:* Dave Cramer <davecramer(at)postgres(dot)rocks>
> >> *Sent:* Monday, March 28, 2022 9:04 AM
> >> Honestly I don't know. What I would do is try this on a redhat machine
> (not in a docker container) to start with. If that fails then you have
> somewhere to start.
>
> I rebuilt my container using “FROM openjdk:11” and deployed my test
> application to our Kubernetes cluster. Now when I look at the pod logs, I
> can see that it is successfully connecting:
>
> About to try connecting to postreSQL database ...
> Connected to the PostgreSQL server successfully
> Successfully connected to the database!! Try running a query
> Inside main - about to enter a long loop
> Looping a set number of times ... Loop Iteration: 1
> Looping a set number of times ... Loop Iteration: 2
> Looping a set number of times ... Loop Iteration: 3
> Looping a set number of times ... Loop Iteration: 4
>
> So openjdk:11 appears to have the cryptography libraries in the JVM. Now
> we can figure out what is missing from our Iron Bank base image.
>
> Thank you so much everyone for your help. I believe we are on the right
> track to getting our application running on FIPS enabled hosts.
>
> I really appreciate everyone’s input.
>

Please post your findings here. We really appreciate it when people find a
solution and post the solution so that others can benefit.

Regards,

Dave