48dbe4bbff
* Add new slave jwebserver and corresponding manpage - Adjust rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch - Support JVM variant zero following JDK-8273494 no longer installing Zero's libjvm.so in the server directory - Disable HotSpot-only pre-build which is incompatible with the boot JDK being a different major version to that being built - Rebase FIPS patches from fips-18u branch and simplify by using a single patch from that repository - Detect NSS at runtime for FIPS detection - Turn off build-time NSS linking and go back to an explicit Requires on NSS - Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode - Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
13 lines
556 B
Diff
13 lines
556 B
Diff
diff --git openjdk.orig/src/java.base/share/conf/security/java.security openjdk/src/java.base/share/conf/security/java.security
|
|
index 68a9c1a2d08..7aa25eb2cb7 100644
|
|
--- openjdk.orig/src/java.base/share/conf/security/java.security
|
|
+++ openjdk/src/java.base/share/conf/security/java.security
|
|
@@ -78,6 +78,7 @@ security.provider.tbd=SunMSCAPI
|
|
security.provider.tbd=Apple
|
|
#endif
|
|
security.provider.tbd=SunPKCS11
|
|
+#security.provider.tbd=SunPKCS11 ${java.home}/lib/security/nss.cfg
|
|
|
|
#
|
|
# Security providers used when global crypto-policies are set to FIPS.
|