tomcat-fips

Last changed

Get notified of upcoming product changes, critical vulnerability notifications and patches and more.

Versions

Overview

Tomcat is a free and open-source implementation of the Jakarta Servlet, Jakarta Expression Language, and WebSocket technologies.

Download this Image

The image is available on cgr.dev:


docker pull cgr.dev/chainguard/tomcat-fips:latest

Usage

This image uses the Apache Portable Runtime library to default to using the OS provided OpenSSL libraries through the Java Secure Socket Extension (JSSE).

Running this image will show output like the following, indicating the APR is loaded and the underlying OpenSSL library is being used:


% docker run cgr.dev/chainguard/tomcat-fips:latest
Using CATALINA_BASE:   /usr/local/tomcat
. . .
19-Jul-2024 13:47:15.331 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [2.0.8] using APR version [1.7.4].
19-Jul-2024 13:47:15.337 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL Using OpenSSL with the FIPS provider as the default provider
19-Jul-2024 13:47:15.337 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.3.1 4 Jun 2024]
. . .

Licenses

Chainguard Images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" version of this image:

Apache-2.0
BSD-3-Clause
Bitstream-Vera
FTL
GPL-2.0-only
GPL-2.0-or-later
GPL-3.0-or-later

For a complete list of licenses, please refer to this Image's SBOM.

Software license agreement

Compliance

This is a FIPS validated image for FedRAMP compliance.

This image is STIG hardened and scanned against the DISA General Purpose Operating System SRG with reports available.

Learn more about STIGs Get started with STIGs

Related images

tomcat-fips

Download this Image

Usage

Product

Why Chainguard

Customers

Company

Resources