Description. steigerwalda. opened on Nov 14, 2019. All current distributions of ibmjcefips. jar should be version 1.8. See https:/ IBM JCE FIPS 140-2 Cryptographic Module Security Policy

Every guardian eventually retires. For , the end of the road came on August 21, 2021 , when its FIPS certification officially expired.

In the world of IBM Java, was the primary provider of "Federal standard" encryption.

A flaw was discovered where a specific algorithm (HASHDRBG) wasn't "re-seeding" properly, which could have compromised security. This required a quick patch to remain compliant with NIST rules.

ibmjcefips.jar not at version 1.8 · Issue #160 · IBM/developer

IBM decided not to renew the certificate for this specific module. Instead, they introduced a successor designed for a faster, more modern web: (housed in ibmjceplus.jar ).

When developers tried to move forward into the world of OpenJDK 11 , the old 1.8 version of the JAR would sometimes trigger a "Null Pointer Exception," causing secure connections to fail without warning.