Re: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)

>> From: Dave Cramer <davecramer@postgres.rocks>
>> Sent: Monday, March 28, 2022 9:04 AM
>> Honestly I don't know. What I would do is try this on a redhat machine (not in a docker container) to start with. If that fails then you have somewhere to start.

I rebuilt my container using “FROM openjdk:11” and deployed my test application to our Kubernetes cluster.  Now when I look at the pod logs, I can see that it is successfully connecting:

About to try connecting to postreSQL database ...
Connected to the PostgreSQL server successfully
Successfully connected to the database!!  Try running a query
Inside main - about to enter a long loop
Looping a set number of times ... Loop Iteration:  1
Looping a set number of times ... Loop Iteration:  2
Looping a set number of times ... Loop Iteration:  3
Looping a set number of times ... Loop Iteration:  4

So openjdk:11 appears to have the cryptography libraries in the JVM.  Now we can figure out what is missing from our Iron Bank base image.

Thank you so much everyone for your help.  I believe we are on the right track to getting our application running on FIPS enabled hosts.

I really appreciate everyone’s input.