[CI] :x-pack:plugin:sql:qa:jdbc:security:with-ssl:v7.10.1#bwcTest (fips) failure #66095

martijnvg · 2020-12-09T10:49:15Z

Build scan: https://gradle-enterprise.elastic.co/s/elzmdxfctoyi6
(ES_RUNTIME_JAVA=zulu11,nodes=general-purpose)

Repro line: (no reproduce line)

Reproduces locally?: No

Applicable branches: master

Failure history:

https://gradle-enterprise.elastic.co/s/3cmfp5x4tcmeg (ES_RUNTIME_JAVA=zulu11,nodes=general-purpose)
https://gradle-enterprise.elastic.co/s/5vyjqckrl3v5g (ES_RUNTIME_JAVA=java11,nodes=general-purpose)
https://gradle-enterprise.elastic.co/s/yrwejit7yf3h6 (ES_RUNTIME_JAVA=adoptopenjdk11,nodes=general-purpose)
https://gradle-enterprise.elastic.co/s/gvpm7bmsp4kzk (ES_RUNTIME_JAVA=zulu8,nodes=general-purpose)

Seems to be fips related.

Failure excerpt:

QA module can't start node and build fails:

ERROR][o.e.b.ElasticsearchUncaughtExceptionHandler] [v7.10.1-bwcTest-0] uncaught exception in thread [main] |  
-- | --
  | »  org.elasticsearch.bootstrap.StartupException: org.elasticsearch.ElasticsearchSecurityException: failed to load SSL configuration [xpack.security.transport.ssl] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:174) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:161) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:127) ~[elasticsearch-cli-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:126) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  Caused by: org.elasticsearch.ElasticsearchSecurityException: failed to load SSL configuration [xpack.security.transport.ssl] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.lambda$loadSSLConfigurations$5(SSLService.java:533) ~[?:?] |  
  | »  	at java.util.HashMap.forEach(HashMap.java:1336) ~[?:?] |  
  | »  	at java.util.Collections$UnmodifiableMap.forEach(Collections.java:1505) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:529) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:140) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createSSLService(XPackPlugin.java:413) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createComponents(XPackPlugin.java:263) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.lambda$new$15(Node.java:542) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271) ~[?:?] |  
  | »  	at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?] |  
  | »  	at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:546) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:279) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:387) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	... 6 more |  
  | »  Caused by: org.elasticsearch.ElasticsearchException: failed to create trust manager |  
  | »  	at org.elasticsearch.xpack.core.ssl.TrustConfig$CombiningTrustConfig.createTrustManager(TrustConfig.java:171) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:442) ~[?:?] |  
  | »  	at java.util.HashMap.computeIfAbsent(HashMap.java:1133) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.lambda$loadSSLConfigurations$5(SSLService.java:531) ~[?:?] |  
  | »  	at java.util.HashMap.forEach(HashMap.java:1336) ~[?:?] |  
  | »  	at java.util.Collections$UnmodifiableMap.forEach(Collections.java:1505) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:529) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:140) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createSSLService(XPackPlugin.java:413) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createComponents(XPackPlugin.java:263) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.lambda$new$15(Node.java:542) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271) ~[?:?] |  
  | »  	at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?] |  
  | »  	at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:546) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:279) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:387) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	... 6 more |  
  | »  Caused by: org.elasticsearch.ElasticsearchException: failed to initialize SSL TrustManager |  
  | »  	at org.elasticsearch.xpack.core.ssl.StoreKeyConfig.createTrustManager(StoreKeyConfig.java:103) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.TrustConfig$CombiningTrustConfig.lambda$createTrustManager$0(TrustConfig.java:168) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271) ~[?:?] |  
  | »  	at java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:550) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluateToArrayNode(AbstractPipeline.java:260) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline.toArray(ReferencePipeline.java:517) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.TrustConfig$CombiningTrustConfig.createTrustManager(TrustConfig.java:169) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:442) ~[?:?] |  
  | »  	at java.util.HashMap.computeIfAbsent(HashMap.java:1133) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.lambda$loadSSLConfigurations$5(SSLService.java:531) ~[?:?] |  
  | »  	at java.util.HashMap.forEach(HashMap.java:1336) ~[?:?] |  
  | »  	at java.util.Collections$UnmodifiableMap.forEach(Collections.java:1505) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:529) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:140) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createSSLService(XPackPlugin.java:413) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createComponents(XPackPlugin.java:263) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.lambda$new$15(Node.java:542) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271) ~[?:?] |  
  | »  	at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?] |  
  | »  	at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:546) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:279) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:387) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	... 6 more |  
  | »  Caused by: java.io.IOException: Invalid keystore format |  
  | »  	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:667) ~[?:?] |  
  | »  	at sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:222) ~[?:?] |  
  | »  	at java.security.KeyStore.load(KeyStore.java:1479) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.TrustConfig.getStore(TrustConfig.java:97) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.StoreKeyConfig.createTrustManager(StoreKeyConfig.java:94) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.TrustConfig$CombiningTrustConfig.lambda$createTrustManager$0(TrustConfig.java:168) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271) ~[?:?] |  
  | »  	at java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:550) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluateToArrayNode(AbstractPipeline.java:260) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline.toArray(ReferencePipeline.java:517) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.TrustConfig$CombiningTrustConfig.createTrustManager(TrustConfig.java:169) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:442) ~[?:?] |  
  | »  	at java.util.HashMap.computeIfAbsent(HashMap.java:1133) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.lambda$loadSSLConfigurations$5(SSLService.java:531) ~[?:?] |  
  | »  	at java.util.HashMap.forEach(HashMap.java:1336) ~[?:?] |  
  | »  	at java.util.Collections$UnmodifiableMap.forEach(Collections.java:1505) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:529) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:140) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createSSLService(XPackPlugin.java:413) ~[?:?] |  
  | »  	at org.elasticsearch.xpack.core.XPackPlugin.createComponents(XPackPlugin.java:263) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.lambda$new$15(Node.java:542) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271) ~[?:?] |  
  | »  	at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?] |  
  | »  	at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913) ~[?:?] |  
  | »  	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?] |  
  | »  	at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578) ~[?:?] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:546) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.node.Node.<init>(Node.java:279) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:225) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:387) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] |  
  | »  	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) ~[elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]

The text was updated successfully, but these errors were encountered:

elasticmachine · 2020-12-09T10:49:18Z

Pinging @elastic/es-security (Team:Security)

benwtrent · 2020-12-14T16:39:42Z

Another FIPS failure: https://gradle-enterprise.elastic.co/s/3pwpovkmlqieg

Same keystore format failure.

mark-vieira · 2020-12-15T18:57:37Z

@jkakavas The FIPS builds are completely busted and have been for some time. Should we mute this, send the notifications elsewhere, etc? It's causing undue noise for test triage.

jkakavas · 2020-12-15T19:08:02Z

I am aware @mark-vieira but the triage and fix process we have right now for FIPS 140 related failures doesn't scale and I'm a bottleneck. We can reroute the notifications temporarily to a different address

mark-vieira · 2020-12-15T20:14:44Z

Indeed all FIPS stuff goes your direction so perhaps we should route the notifications so test triage isn't the main creator of these issues. Is there a mailing list I can send the FIPS build emails to? Or slack channel, someway that test triage isn't overwhelmed by the noise but these don't fall through the cracks?

jkakavas · 2020-12-15T20:22:11Z

so perhaps we should route the notifications so test triage isn't the main creator of these issues.

TBC ,the mid/long term goal should be that fips related failures/issues/fixes are handled in the same way as any other CI failure, we're just not there yet(again). It's a constant pain/effort, we were having mostly successful builds a few weeks/months back.

There is no list that we can use at the moment, can we create a new google group (build-failures-fips) where we can route these for now, until we are ready to merge them back to the build failures group ? I can make the request tomorrow morning and raise the relevant infra PR if you don't get to it by then.

jkakavas · 2020-12-17T21:34:24Z

This is rightly failing. What is concerning is that it just started failing recently. I started failing after #65807 which made sure we apply the fips configuration to the correct plugins and it looks like until that time a lot of projects were not running with the fips configuration as the contents of fips.gradle were not applied. ( This also explains the fury of CI failures after December 8 )

I will mute this project as JDBC client only supports keystores and we can't use JKS/PKCS12 keystores in fips mode, but I'm curious about #65807 @mark-vieira , @breskeby . Could you explain why pluginManager.withPlugin('java') was wrong and if `pluginManager.withPlugin('java-base') covers everything we care about ?

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: elastic#66095

mark-vieira · 2020-12-17T22:54:39Z

Could you explain why pluginManager.withPlugin('java') was wrong and if `pluginManager.withPlugin('java-base') covers everything we care about ?

Not all projects get java applied, specifically, the standalone test projects.

My intention is to ditch all that nonsense here soon. The matrix of different project plugins i starting to get out of hand.

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: #66095

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: elastic#66095

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: #66095

martijnvg added >test-failure Triaged test failures from CI :Security/Security Security issues without another label labels Dec 9, 2020

elasticmachine added the Team:Security Meta label for security team label Dec 9, 2020

jkakavas added a commit to jkakavas/elasticsearch that referenced this issue Dec 17, 2020

Mute JDBC client tests with SSL in FIPS mode

4c67c3e

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: elastic#66095

jkakavas mentioned this issue Dec 17, 2020

Mute JDBC client tests with SSL in FIPS mode #66566

Merged

jkakavas closed this as completed in #66566 Dec 18, 2020

jkakavas added a commit that referenced this issue Dec 18, 2020

Mute JDBC client tests with SSL in FIPS mode (#66566)

cc15a28

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: #66095

jkakavas added a commit that referenced this issue Dec 22, 2020

Mute JDBC client tests with SSL in FIPS mode (#66566) (#66745)

d3418d0

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: #66095

jkakavas added a commit that referenced this issue Dec 22, 2020

Mute JDBC client tests with SSL in FIPS mode (#66566) (#66746)

6529160

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: #66095

jkakavas added a commit that referenced this issue Dec 22, 2020

Mute JDBC client tests with SSL in FIPS mode (#66566) (#66747)

2fd049c

JDBC client can only be configured for SSL with keystores, but we can't use JKS/PKCS12 keystores in FIPS 140-2 mode. Resolves: #66095

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[CI] :x-pack:plugin:sql:qa:jdbc:security:with-ssl:v7.10.1#bwcTest (fips) failure #66095

[CI] :x-pack:plugin:sql:qa:jdbc:security:with-ssl:v7.10.1#bwcTest (fips) failure #66095

martijnvg commented Dec 9, 2020 •

edited

Loading

elasticmachine commented Dec 9, 2020

benwtrent commented Dec 14, 2020

mark-vieira commented Dec 15, 2020

jkakavas commented Dec 15, 2020

mark-vieira commented Dec 15, 2020

jkakavas commented Dec 15, 2020

jkakavas commented Dec 17, 2020

mark-vieira commented Dec 17, 2020

[CI] :x-pack:plugin:sql:qa:jdbc:security:with-ssl:v7.10.1#bwcTest (fips) failure #66095

[CI] :x-pack:plugin:sql:qa:jdbc:security:with-ssl:v7.10.1#bwcTest (fips) failure #66095

Comments

martijnvg commented Dec 9, 2020 • edited Loading

elasticmachine commented Dec 9, 2020

benwtrent commented Dec 14, 2020

mark-vieira commented Dec 15, 2020

jkakavas commented Dec 15, 2020

mark-vieira commented Dec 15, 2020

jkakavas commented Dec 15, 2020

jkakavas commented Dec 17, 2020

mark-vieira commented Dec 17, 2020

martijnvg commented Dec 9, 2020 •

edited

Loading