Re: [EXTERNAL] Re: Java client connection problem on FIPS enabled hosts (with password_encryption = scram-sha-256)

>> I just tried this on openjdk 11.0.1 on macos and it works fine. It may be a specific problem with the openjdk built by the vendor you are using (I presume redhat?)

Thank you so much for letting me know that openjdk worked for you.  We are building our base Java Docker image (that our Java services and my simple example runs in) from Iron Bank Redhat Universal Base Image (UBI) 8 and then installing Java into the image:

                   # java

        ARG JAVA_MAJOR_VERSION=11

        ARG JAVA_VERSION=1:11.0.14.0.9-2.el8*

        ENV JAVA_HOME /usr/lib/jvm/java-${JAVA_MAJOR_VERSION}-openjdk

               dnf install java-${JAVA_MAJOR_VERSION}-openjdk-devel-${JAVA_VERSION}

I will work with someone on my team that understands the base images better.  It is my understanding that we are building our own base Java image from Redhat UBI 8.  Maybe there is something more we need to do to make sure the crypto libraries get installed?

Honestly I don't know. What I would do is try this on a redhat machine (not in a docker container) to start with. If that fails then you have somewhere to start.

Dave