Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support encrypted communication between Quarkus app with MSSQL JDBC extension and SQL Server #1138

Merged
merged 1 commit into from
May 22, 2024
Merged

Support encrypted communication between Quarkus app with MSSQL JDBC extension and SQL Server #1138

merged 1 commit into from
May 22, 2024

Conversation

michalvavrik
Copy link
Member

@michalvavrik michalvavrik commented May 22, 2024
edited
Loading

Summary

Adds support for encrypted communication between Quarkus app with JDBC MSSQL extension and SQL Server because Microsoft documentation says in FIPS-enabled environment you should do that: https://learn.microsoft.com/en-us/sql/connect/jdbc/fips-mode?view=sql-server-ver16#appropriate-configuration-parameters

Despite the docs above, it doesn't seem to be required with Red Hat OpenJDK 21 (works both with TLS and without TLS) and never works in FIPS-enabled environment with Red Hat OpenJDK 17.

So my plan in regards of FIPS:

This is how I tested it (FIPS/no FIPS): quarkus-qe/quarkus-test-suite@main...michalvavrik:quarkus-test-suite:feature/sql-server-fips

Please check the relevant options

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Dependency update
  • Refactoring
  • Breaking change (fix or feature that would cause existing functionality to change)
  • This change requires a documentation update
  • This change requires execution against OCP (use run tests phrase in comment)

Checklist:

  • Example scenarios has been updated / added
  • Methods and classes used in PR scenarios are meaningful
  • Commits are well encapsulated and follow the best practices

@michalvavrik michalvavrik force-pushed the feature/sql-server-fips-support branch from 1e28035 to aacd973 Compare May 22, 2024 15:32
@michalvavrik
Copy link
Member Author

run tests

@michalvavrik michalvavrik added the triage/backport-1.4? Quarkus 3.8 stream label May 22, 2024
@michalvavrik
Copy link
Member Author

run tests

@michalvavrik
Copy link
Member Author

The OpenShiftDockerBuildIT failed in OpenShift Tests in JVM over network communication with OpenShift. I am not going to rerun it as it has no relation to changes here.

@michalvavrik michalvavrik requested a review from mjurc May 22, 2024 19:24
mjurc
mjurc approved these changes May 22, 2024
View reviewed changes
Copy link
Member

@mjurc mjurc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mjurc mjurc merged commit dda842d into quarkus-qe:main May 22, 2024
9 of 10 checks passed
@michalvavrik michalvavrik deleted the feature/sql-server-fips-support branch May 23, 2024 06:15
@michalvavrik michalvavrik mentioned this pull request May 23, 2024
Merged
11 tasks
@michalvavrik michalvavrik removed the triage/backport-1.4? Quarkus 3.8 stream label May 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjurc mjurc mjurc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@michalvavrik @mjurc