-
Notifications
You must be signed in to change notification settings - Fork 1.2k
warnings observed with our app start up in fips mode #2182
-
We have an application built on top of tomcat, Updated to make it FIPS compliant. In java.security file bcfips, bcjsse providers are set as 1st and 2nd priority in java.security file.
jdk version : JDK 17.0.3+7
Tomcat: 10.1.44
jars for fips : bcfips-2.0.1, bctls-fips-2.0.20, bcutil-fips-2.0.3 and bcpkix-fips-2.0.8 jars.
During tomcat (application) startup in fips mode, observed few warnings. Though it started successfully but still we were investigating the reason behind the warnings.
Even after investigating, we were unable to figure out the actual reason behind. Would be great if you could suggest something.
Below are the two warnings:
-
Oct 21, 2025 10:19:37 AM org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi engineInit
WARNING: Skipped default trust store
java.io.IOException: DER length more than 4 bytes: 109
at org.bouncycastle.fips.core/org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
at org.bouncycastle.fips.core/org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
at org.bouncycastle.fips.core/org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.fips.core/org.bouncycastle.jcajce.provider.ProvBCFKS$BCFIPSKeyStoreSpi.engineLoad(Unknown Source)
at java.base/java.security.KeyStore.load(KeyStore.java:1473)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.getDefaultTrustStore(ProvTrustManagerFactorySpi.java:112)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.engineInit(ProvTrustManagerFactorySpi.java:162)
at java.base/javax.net.ssl.TrustManagerFactory.init(TrustManagerFactory.java:282)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvSSLContextSpi.selectX509TrustManager(ProvSSLContextSpi.java:709)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineInit(ProvSSLContextSpi.java:635)
at java.base/javax.net.ssl.SSLContext.init(SSLContext.java:314)
at org.apache.tomcat.util.net.jsse.JSSESSLContext.init(JSSESSLContext.java:52)
at org.apache.tomcat.util.net.jsse.JSSEUtil.initialise(JSSEUtil.java:105)
at org.apache.tomcat.util.net.jsse.JSSEUtil.getImplementedProtocols(JSSEUtil.java:73)
at org.apache.tomcat.util.net.SSLUtilBase.(SSLUtilBase.java:97)
at org.apache.tomcat.util.net.jsse.JSSEUtil.(JSSEUtil.java:61)
at org.apache.tomcat.util.net.jsse.JSSEUtil.(JSSEUtil.java:56)
at org.apache.tomcat.util.net.jsse.JSSEImplementation.getSSLUtil(JSSEImplementation.java:52)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:88)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:70)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:226)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1399)
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1482)
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:644)
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1103)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:425)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:870)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164)
at org.apache.catalina.startup.Catalina.start(Catalina.java:761)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:345)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476) -
Oct 21, 2025 10:19:37 AM org.bouncycastle.jsse.provider.ProvSSLContextSpi selectX509TrustManager
WARNING: Failed to load default trust managers
java.security.KeyStoreException: Failed to load default trust store
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.engineInit(ProvTrustManagerFactorySpi.java:182)
at java.base/javax.net.ssl.TrustManagerFactory.init(TrustManagerFactory.java:282)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvSSLContextSpi.selectX509TrustManager(ProvSSLContextSpi.java:709)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvSSLContextSpi.engineInit(ProvSSLContextSpi.java:635)
at java.base/javax.net.ssl.SSLContext.init(SSLContext.java:314)
at org.apache.tomcat.util.net.jsse.JSSESSLContext.init(JSSESSLContext.java:52)
at org.apache.tomcat.util.net.jsse.JSSEUtil.initialise(JSSEUtil.java:105)
at org.apache.tomcat.util.net.jsse.JSSEUtil.getImplementedProtocols(JSSEUtil.java:73)
at org.apache.tomcat.util.net.SSLUtilBase.(SSLUtilBase.java:97)
at org.apache.tomcat.util.net.jsse.JSSEUtil.(JSSEUtil.java:61)
at org.apache.tomcat.util.net.jsse.JSSEUtil.(JSSEUtil.java:56)
at org.apache.tomcat.util.net.jsse.JSSEImplementation.getSSLUtil(JSSEImplementation.java:52)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:88)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:70)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:226)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1399)
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1482)
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:644)
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1103)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:425)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:870)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164)
at org.apache.catalina.startup.Catalina.start(Catalina.java:761)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:345)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:476)
Caused by: java.io.IOException: DER length more than 4 bytes: 109
at org.bouncycastle.fips.core/org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
at org.bouncycastle.fips.core/org.bouncycastle.asn1.ASN1InputStream.readLength(Unknown Source)
at org.bouncycastle.fips.core/org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)
at org.bouncycastle.fips.core/org.bouncycastle.jcajce.provider.ProvBCFKS$BCFIPSKeyStoreSpi.engineLoad(Unknown Source)
at java.base/java.security.KeyStore.load(KeyStore.java:1473)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.getDefaultTrustStore(ProvTrustManagerFactorySpi.java:112)
at org.bouncycastle.fips.tls/org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.engineInit(ProvTrustManagerFactorySpi.java:162)
... 30 more
The java.security file has below details:
security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider
security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS
security.provider.3=sun.security.provider.Sun
security.provider.4=SunRsaSign
security.provider.5=SunEC
security.provider.6=SunJGSS
security.provider.7=SunSASL
security.provider.8=XMLDSig
security.provider.9=SunPCSC
security.provider.10=JdkLDAP
security.provider.11=JdkSASL
security.provider.12=SunPKCS11
securerandom.source=file:/dev/random
securerandom.strongAlgorithms=NativePRNGBlocking:SUN,DRBG:SUN
securerandom.drbg.config=
login.configuration.provider=sun.security.provider.ConfigFile
policy.provider=sun.security.provider.PolicyFile
policy.url.1=file:${java.home}/conf/security/java.policy
policy.url.2=file:${user.home}/.java.policy
policy.expandProperties=true
policy.allowSystemProperty=true
policy.ignoreIdentityScope=false
keystore.type=BCFKS
keystore.type.compat=false
package.access=sun.misc.,
sun.reflect.
package.definition=sun.misc.,
sun.reflect.
security.overridePropertiesFile=true
ssl.KeyManagerFactory.algorithm=PKIX
ssl.TrustManagerFactory.algorithm=PKIX
networkaddress.cache.negative.ttl=10
krb5.kdc.bad.policy = tryLast
sun.security.krb5.disableReferrals=false
sun.security.krb5.maxReferrals=5
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer,
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224,
SHA1 usage SignedJAR & denyAfter 2019年01月01日
jdk.security.legacyAlgorithms=SHA1,
RSA keySize < 2048, DSA keySize < 2048
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024,
DSA keySize < 1024, SHA1 denyAfter 2019年01月01日
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA,
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL
jdk.tls.legacyAlgorithms=NULL, anon, RC4, DES, 3DES_EDE_CBC
jdk.tls.keyLimits=AES/GCM/NoPadding KeyUpdate 2^37,
ChaCha20-Poly1305 KeyUpdate 2^37
crypto.policy=unlimited
jdk.xml.dsig.secureValidationPolicy=
disallowAlg http://www.w3.org/TR/1999/REC-xslt-19991116,\
disallowAlg http://www.w3.org/2001/04/xmldsig-more#rsa-md5,\
disallowAlg http://www.w3.org/2001/04/xmldsig-more#hmac-md5,\
disallowAlg http://www.w3.org/2001/04/xmldsig-more#md5,\
disallowAlg http://www.w3.org/2000/09/xmldsig#sha1,\
disallowAlg http://www.w3.org/2000/09/xmldsig#dsa-sha1,\
disallowAlg http://www.w3.org/2000/09/xmldsig#rsa-sha1,\
disallowAlg http://www.w3.org/2007/05/xmldsig-more#sha1-rsa-MGF1,\
disallowAlg http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1,\
maxTransforms 5,
maxReferences 30,
disallowReferenceUriSchemes file http https,
minKeySize RSA 1024,
minKeySize DSA 1024,
minKeySize EC 224,
noDuplicateIds,
noRetrievalMethodLoops
jceks.key.serialFilter = java.base/java.lang.Enum;java.base/java.security.KeyRep;
java.base/java.security.KeyRep$Type;java.base/javax.crypto.spec.SecretKeySpec;!*
jdk.sasl.disabledMechanisms=
jdk.security.caDistrustPolicies=SYMANTEC_TLS
jdk.io.permissionsUseCanonicalPath=false
Your response will help us a lot in understanding these warnings and take appropriate steps. Awaiting your reply 🙂.
Beta Was this translation helpful? Give feedback.
All reactions
Replies: 2 comments
-
Tomcat is initing an SSLContext with null for TrustManager[] tm, which in JSSE terms means to attempt to use a default TrustManagerFactory (type given by ssl.TrustManagerFactory.algorithm setting, from highest priority supporting provider) to load the default truststore (configurable via 'javax.net.ssl.trustStore', otherwise jssecacerts or cacerts from your JRE). The type of KeyStore to use to try and load that truststore is given by 'javax.net.ssl.trustStoreType', or else 'keystore.type', or else "JKS".
So the situation here is that a PKIX TrustManagerFactory from BCJSSE provider is trying to load a BCFKS KeyStore from (most likely) the cacerts file, and failing because the format is actually PKCS12.
The result of the failure is falling back to a dummy TrustManager that will fail any checks. For an SSLContext (endpoint) that is only used as a server without client authentication, then this failure isn't really a problem since it would never be used. In that case, you could choose to set javax.net.ssl.trustStore=NONE instead, so that no truststore file will be loaded.
Otherwise you may need to convert the KeyStore format of your default truststore to BCFKS (i.e. 'javax.net.ssl.trustStore' or jssecacerts or cacerts - at log level CONFIG the ProvTrustManagerFactorySpi log would also show the path to the truststore that is being loaded).
Beta Was this translation helpful? Give feedback.
All reactions
-
Actually, if the truststore only contains certificates (which should be the case for cacerts), then you could just set 'javax.net.ssl.trustStoreType' to JKS or PKCS12 (whichever format it actually is) to actually load them.
Beta Was this translation helpful? Give feedback.