JiriOndrusek commented on code in PR #6241:
URL: https://github.com/apache/camel-quarkus/pull/6241#discussion_r1672503680
##########
extensions/crypto/runtime/src/main/doc/usage.adoc:
##########
@@ -0,0 +1,23 @@
+=== FIPS
+
+When running `crypto` extension on FIPS enabled system the BC-FIPS has to be
utilized.
Review Comment:
@ppalaga I checked the options and you are right. Camel-crypto does not
require BC at all. I will propose such change in near future to the Camel. In
the meantime I'll exclude the BC from camel-crypto in the CQ BOM (and I will
revert it back as soon as the relevant Camel bits reaches the CQ)
I have a question what to suggest to users:
1 - In non-FIPS environment all worjs out of the box.
2 - In the FIPS environment, If user wants to use BCFIPS, following
dependencies have to be added
```
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bc-fips</artifactId>
</dependency>
<dependency>
<groupId>org.apache.camel.quarkus</groupId>
<artifactId>camel-quarkus-support-bouncycastle</artifactId>
</dependency>
```
If another fips-compliant security provider is used, it has to be registered
properly.
(I tested the scenario with BCFIPS on FIPS machine)
Does it make sense to you, to suggest both approaches? (BCFIPS and
different fips compliant provider)
(the other option is to suggest use of BCFIPS only)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
