Using OpenSSL and Java

Working with OpenSSL and Java

Working with OpenSSL and Java

There is a known issue when OpenSSL providers and Java both reference the same libfxpkcs11.so file. If both environments use the same file, it can cause either Java or any OpenSSL PKCS#11 HSM operations to fail. If OpenSSL and Java will be installed on the same device, to avoid the issue, we recommend performing the following steps:

Create separate directories for Java and OpenSSL, for example:

None

/usr/local/lib/fxpkcs11/openssl/libfxpkcs11.so
/usr/local/lib/fxpkcs11/java/libfxpkcs11.so 

Place a distinct copy of libfxpkcs11.so into each directory

Configure OpenSSL and Java to point to their respective copies

For Java, edit the library line in pkcs11.cfg file. If our recommendation was followed, the file should be located at /usr/local/etc/
For PKCS11 Provider, edit the pkcs11-module-pathline in openssl.cnf file. If the user chose to edit the global file, run the command to find where the global OpenSSL file is located

Troubleshooting

Protegrity

⌘I

Certificate Authority

Certificate management

Certificate validation

Code signing

Credential management

Data protection

Database

Digital signing

DNS

Firewall

Generic

IT automation and orchestration

Key management

Privileged access management

Secrets management

TLS offloading

VPN

Working with OpenSSL and Java

Certificate Authority

Certificate management

Certificate validation

Code signing

Credential management

Data protection

Database

Digital signing

DNS

Firewall

Generic

IT automation and orchestration

Key management

Privileged access management

Secrets management

TLS offloading

VPN

​Working with OpenSSL and Java

Working with OpenSSL and Java