What crypto library does Eclipse Ditto use by default? I need to determine if it is FIPS 140-2 validated. If not is there a way to build Ditto with an alternative crypto library that's validated?
Asked
Active
Viewed 79 times
1 Answers
0
Eclipse Ditto is not FIPS 140-2 compliant (to be honest that is the first time that I hear of FIPS 140-2). I guess you figured that our already.
Ditto uses the OpenJ9 JVM including OpenJDK 11 (since Ditto 1.1.0) with its by default included crypto provider.
So I guess you would have to fork Ditto and switch out the used Java runtime bundled inside the Docker image to a FIPS 140-2 validated one (or use a Docker base image which contains a a certified Java runtime) and build your own Ditto Docker images.
Thomas Jäckle
- 1,123
- 2
- 7
- 21