Testing done:I) With the collector which supported FIPS mode:
Ran the docker container with -e SUMO_FIPS_JCE=true once with SUMO_GENERATE_USER_PROPERTIES=false and once without SUMO_GENERATE_USER_PROPERTIES=false.
a) Ran the docker logs <containerId> command and checked the configureFipsMode.sh log lines.
b) Ran sudo service collector status, and verified the collector was running.
c) Checked the collector.log file for the JceProviders.scala log line (Added Bouncy Castle FIPS provider ..)
Ran the docker container once with -e SUMO_FIPS_JCE=false and another without the flag once with SUMO_GENERATE_USER_PROPERTIES=false and once without SUMO_GENERATE_USER_PROPERTIES=false.
a) No extra logs of configureFipsMode.sh in docker logs <containerId>.
b) Ran sudo service collector status, and verified the collector was running.
c) Searched the collector.log file for the Added Bouncy Castle FIPS provider .. log line, and it wasn't present.
II) With the collector which doesn't support FIPS mode (current production):docker logs <containerId> showed the configureFipsMode.sh file couldn't be found. But there was no issue in the collector getting started. Checked by running the command sudo service collector status.
Testing done: I) With the collector which supported FIPS mode:
Ran the docker container with
-e SUMO_FIPS_JCE=true
once withSUMO_GENERATE_USER_PROPERTIES=false
and once withoutSUMO_GENERATE_USER_PROPERTIES=false
. a) Ran thedocker logs <containerId>
command and checked theconfigureFipsMode.sh
log lines. b) Ransudo service collector status
, and verified the collector was running. c) Checked thecollector.log
file for theJceProviders.scala
log line (Added Bouncy Castle FIPS provider ..
)Ran the docker container once with
-e SUMO_FIPS_JCE=false
and another without the flag once withSUMO_GENERATE_USER_PROPERTIES=false
and once withoutSUMO_GENERATE_USER_PROPERTIES=false
. a) No extra logs ofconfigureFipsMode.sh
indocker logs <containerId>
. b) Ransudo service collector status
, and verified the collector was running. c) Searched thecollector.log
file for theAdded Bouncy Castle FIPS provider ..
log line, and it wasn't present.II) With the collector which doesn't support FIPS mode (current production):
docker logs <containerId>
showed theconfigureFipsMode.sh
file couldn't be found. But there was no issue in the collector getting started. Checked by running the commandsudo service collector status
.