BugZero updated this defect 51 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
3/29/2024
Horizon
No affected releases provided.
No fixed releases provided.
Connection Server is installed in FIPS modeAfter configuring OCSP certificate revocation checking on the Connection Server via the locked.properties file and restarting services, the Horizon View Security Gateway Component service crashes and fails to start.Connection Server logs show the following: Location of Horizon View log files (1027744) 2023-03-07T20:55:55.421+05:30 TRACE (1188-17FC) <Thread-1> [bi] Found property "enableRevocationChecking" in: locked.properties 2023-03-07T20:55:55.422+05:30 DEBUG (1188-17FC) <Thread-1> [x] Initialising Revocation checker 2023-03-07T20:55:55.439+05:30 TRACE (1188-17FC) <Thread-1> [JCA] ! CertificateFactory(X.509) -> BCFIPS 2023-03-07T20:55:55.441+05:30 DEBUG (1188-17FC) <Thread-1> [RevocationCheck] Revocation checking: setting useCertCRLs = true 2023-03-07T20:55:55.441+05:30 TRACE (1188-17FC) <Thread-1> [bi] Found property "enableOCSP" in: locked.properties 2023-03-07T20:55:55.452+05:30 ERROR (1188-17FC) <Thread-1> [Ice] ICE start com.vmware.vdi.logger.Logger.fatal(Logger.java:104) java.lang.NoClassDefFoundError: org/bouncycastle/jce/provider/BouncyCastleProvider 2023-03-07T20:55:55.466+05:30 ERROR (1188-17FC) <Thread-1> [JMXServer] Could not start the Ice Server MBean com.vmware.vdi.logger.Logger.fatal(Logger.java:104) javax.management.MBeanException: java.lang.Exception: ICE Start: org/bouncycastle/jce/provider/BouncyCastleProvider
The check for FIPS mode is missing while loading the BouncyCastleProvider causing the service to crash.
The issue has been resolved in Horizon 2303 (8.9)