TeamCity on a fips compliant server

Avatar
Jonathan D Dove
Created

I have a server(EL9.7) setup with teamcity but have had to turn off fips compliance to allow it to work. I've tried installing tomcat-native and apr libraries from the yum repository and changed the sever.xml file to the lister to utilize FIPSmode=on/enter, and have forced utilization of TLS1.3. Despite all of this I still get an error that I will attach below. Any help getting this setup so that I can make sure this server meets security requirements for our network would be appreciated.

<pre>jetbrains.buildServer.maintenance.exceptions.UnknownServerStartupError: Could not create the main application servlet: Failed to load TeamCity configuration. null
    at jetbrains.buildServer.maintenance.TeamCityDispatcherServlet$WebApplicationCreatorAndDestroyer.createApplication(TeamCityDispatcherServlet.java:33)
    at jetbrains.buildServer.maintenance.StartupProcessor.doApplicationStarting(StartupProcessor.java:1292)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$1900(StartupProcessor.java:595)
    at jetbrains.buildServer.maintenance.StartupProcessor$3.call(StartupProcessor.java:11)
    at jetbrains.buildServer.util.NamedThreadFactory.executeWithNewThreadName(NamedThreadFactory.java:92)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStage(StartupProcessor.java:535)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStageSafe(StartupProcessor.java:977)
    at jetbrains.buildServer.maintenance.StartupProcessor.processTeamCityLifecycle(StartupProcessor.java:673)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$000(StartupProcessor.java:573)
    at jetbrains.buildServer.maintenance.StartupProcessor$1.run(StartupProcessor.java:3)
    at java.base/java.lang.Thread.run(Thread.java:1583)
caused by: java.lang.RuntimeException: Failed to load TeamCity configuration. null
    at jetbrains.buildServer.web.impl.BuildServerConfigurator.loadConfiguration(BuildServerConfigurator.java:31)
    at java.base/java.util.concurrent.CopyOnWriteArrayList.forEach(CopyOnWriteArrayList.java:891)
    at jetbrains.buildServer.serverSide.impl.BuildServerLifecycleProcessor.doStartup(BuildServerLifecycleProcessor.java:27)
    at jetbrains.buildServer.maintenance.TeamCityDispatcherServlet$WebApplicationCreatorAndDestroyer.createApplication(TeamCityDispatcherServlet.java:29)
    at jetbrains.buildServer.maintenance.StartupProcessor.doApplicationStarting(StartupProcessor.java:1292)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$1900(StartupProcessor.java:595)
    at jetbrains.buildServer.maintenance.StartupProcessor$3.call(StartupProcessor.java:11)
    at jetbrains.buildServer.util.NamedThreadFactory.executeWithNewThreadName(NamedThreadFactory.java:92)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStage(StartupProcessor.java:535)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStageSafe(StartupProcessor.java:977)
    at jetbrains.buildServer.maintenance.StartupProcessor.processTeamCityLifecycle(StartupProcessor.java:673)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$000(StartupProcessor.java:573)
    at jetbrains.buildServer.maintenance.StartupProcessor$1.run(StartupProcessor.java:3)
    at java.base/java.lang.Thread.run(Thread.java:1583)
caused by: java.lang.ExceptionInInitializerError
    at jetbrains.buildServer.web.impl.BuildServerConfigurator.loadConfiguration(BuildServerConfigurator.java:22)
    at java.base/java.util.concurrent.CopyOnWriteArrayList.forEach(CopyOnWriteArrayList.java:891)
    at jetbrains.buildServer.serverSide.impl.BuildServerLifecycleProcessor.doStartup(BuildServerLifecycleProcessor.java:27)
    at jetbrains.buildServer.maintenance.TeamCityDispatcherServlet$WebApplicationCreatorAndDestroyer.createApplication(TeamCityDispatcherServlet.java:29)
    at jetbrains.buildServer.maintenance.StartupProcessor.doApplicationStarting(StartupProcessor.java:1292)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$1900(StartupProcessor.java:595)
    at jetbrains.buildServer.maintenance.StartupProcessor$3.call(StartupProcessor.java:11)
    at jetbrains.buildServer.util.NamedThreadFactory.executeWithNewThreadName(NamedThreadFactory.java:92)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStage(StartupProcessor.java:535)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStageSafe(StartupProcessor.java:977)
    at jetbrains.buildServer.maintenance.StartupProcessor.processTeamCityLifecycle(StartupProcessor.java:673)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$000(StartupProcessor.java:573)
    at jetbrains.buildServer.maintenance.StartupProcessor$1.run(StartupProcessor.java:3)
    at java.base/java.lang.Thread.run(Thread.java:1583)
caused by: java.lang.RuntimeException: java.security.NoSuchAlgorithmException: No such algorithm: RSA
    at jetbrains.buildServer.serverSide.crypt.RSACipher.&lt;clinit&gt;(RSACipher.java:58)
    at jetbrains.buildServer.web.impl.BuildServerConfigurator.loadConfiguration(BuildServerConfigurator.java:22)
    at java.base/java.util.concurrent.CopyOnWriteArrayList.forEach(CopyOnWriteArrayList.java:891)
    at jetbrains.buildServer.serverSide.impl.BuildServerLifecycleProcessor.doStartup(BuildServerLifecycleProcessor.java:27)
    at jetbrains.buildServer.maintenance.TeamCityDispatcherServlet$WebApplicationCreatorAndDestroyer.createApplication(TeamCityDispatcherServlet.java:29)
    at jetbrains.buildServer.maintenance.StartupProcessor.doApplicationStarting(StartupProcessor.java:1292)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$1900(StartupProcessor.java:595)
    at jetbrains.buildServer.maintenance.StartupProcessor$3.call(StartupProcessor.java:11)
    at jetbrains.buildServer.util.NamedThreadFactory.executeWithNewThreadName(NamedThreadFactory.java:92)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStage(StartupProcessor.java:535)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStageSafe(StartupProcessor.java:977)
    at jetbrains.buildServer.maintenance.StartupProcessor.processTeamCityLifecycle(StartupProcessor.java:673)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$000(StartupProcessor.java:573)
    at jetbrains.buildServer.maintenance.StartupProcessor$1.run(StartupProcessor.java:3)
    at java.base/java.lang.Thread.run(Thread.java:1583)
caused by: java.security.NoSuchAlgorithmException: No such algorithm: RSA
    at java.base/javax.crypto.Cipher.getInstance(Cipher.java:758)
    at java.base/javax.crypto.Cipher.getInstance(Cipher.java:646)
    at jetbrains.buildServer.serverSide.crypt.RSACipher.prepareCipher(RSACipher.java:89)
    at jetbrains.buildServer.serverSide.crypt.RSACipher.&lt;clinit&gt;(RSACipher.java:54)
    at jetbrains.buildServer.web.impl.BuildServerConfigurator.loadConfiguration(BuildServerConfigurator.java:22)
    at java.base/java.util.concurrent.CopyOnWriteArrayList.forEach(CopyOnWriteArrayList.java:891)
    at jetbrains.buildServer.serverSide.impl.BuildServerLifecycleProcessor.doStartup(BuildServerLifecycleProcessor.java:27)
    at jetbrains.buildServer.maintenance.TeamCityDispatcherServlet$WebApplicationCreatorAndDestroyer.createApplication(TeamCityDispatcherServlet.java:29)
    at jetbrains.buildServer.maintenance.StartupProcessor.doApplicationStarting(StartupProcessor.java:1292)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$1900(StartupProcessor.java:595)
    at jetbrains.buildServer.maintenance.StartupProcessor$3.call(StartupProcessor.java:11)
    at jetbrains.buildServer.util.NamedThreadFactory.executeWithNewThreadName(NamedThreadFactory.java:92)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStage(StartupProcessor.java:535)
    at jetbrains.buildServer.maintenance.StartupProcessor.processConcreteStageSafe(StartupProcessor.java:977)
    at jetbrains.buildServer.maintenance.StartupProcessor.processTeamCityLifecycle(StartupProcessor.java:673)
    at jetbrains.buildServer.maintenance.StartupProcessor.access$000(StartupProcessor.java:573)
    at jetbrains.buildServer.maintenance.StartupProcessor$1.run(StartupProcessor.java:3)
    at java.base/java.lang.Thread.run(Thread.java:1583)
</pre>

Votes

0

Share

3 comments
Avatar
Denis Lapuente
Created
We have a feature request to add fips compliance in our issue tracker. Please vote for it to stay up to date when we add it: https://youtrack.jetbrains.com/projects/TW/issues/TW-100239/Add-hardened-fips-compliant-docker-images
0
Avatar
Jonathan D Dove
Created

I will, but will that extend to bare metal installation.

0
Avatar
Denis Lapuente
Created
It should. We don't have a custom vresion of the software for the docker images, we just download them and apply the settings. Even if we were to create custom settings for FIPS compliance, those should be easy to extract, the files are still inside the container.
0

Please sign in to leave a comment.