Open littleautomaton opened 1 year ago
I've encountered the exact same issue and error with identical configuration, except on Oracle Linux 8 no RHEL8.
I've encountered the exact same issue and error with identical configuration, except on Oracle Linux 8 no RHEL8.
In my case, It's seems to have something to with FIPS, GNUTLS, and pcscd.
Oct 31 18:40:22 --- pcscd[2901]: 00000000 auth.c:139:IsClientAuthorized() Process 2822 (user: 987) is NOT authorized for action: access_pcsc
Oct 31 18:40:22 --- pcscd[2901]: 00000175 winscard_svc.c:335:ContextThread() Rejected unauthorized PC/SC client
I fixed the pcscd issue^ by adding some polkit rules: https://www.redhat.com/en/blog/controlling-access-smart-cards
Afterwards, I still can't get thehive service to start while FIPS mode is active. Disabling FIPS entirely seems to fix the issue.
Upon further investigation, it seems that my java FIPS policy is causing the issue.
jdk.tls.ephemeralDHKeySize=2048
jdk.certpath.disabledAlgorithms=MD2, SHA1, MD5, DSA, RSA keySize < 2048
jdk.tls.disabledAlgorithms=DH keySize < 2048, TLSv1.1, TLSv1, SSLv3, SSLv2, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacMD5
jdk.tls.legacyAlgorithms=
Specifically, I think disabling MD5 might be the problem. Take a look at this issue: https://github.com/akkadotnet/akka.net/issues/4082
The VectorClock Object in the java akka.cluster package uses MD5 to hash the name of itself, I think... Honestly, I'm not really sure why or for what purpose. I assume to use as key in scala.collection.immutable.TreeMap data structure.
Request Type
Bug
Work Environment
Problem Description
TheHive4 fails to start, gives "Error injecting constructor, java.lang.NoClassDefFoundError: Could not initialize class org.thp.thehive.models.User$" on new install.
Steps to Reproduce
Complementary information
application_log.txt application_conf.txt