add BCJSSE

build-tools-internal/src/main/groovy/elasticsearch.fips.gradle

@@ -79,7 +79,7 @@ if (BuildParams.inFipsJvm) {
           // with no x-pack. Tests having security explicitly enabled/disabled will override this setting
           setting 'xpack.security.enabled', 'false'
           setting 'xpack.security.fips_mode.enabled', 'true'
-          setting 'xpack.security.fips_mode.required_providers', '["BCFIPS"]'
+          setting 'xpack.security.fips_mode.required_providers', '["BCFIPS", "BCJSSE"]'
           setting 'xpack.license.self_generated.type', 'trial'
           setting 'xpack.security.authc.password_hashing.algorithm', 'pbkdf2_stretch'
           keystorePassword 'keystore-password'

docs/reference/settings/security-settings.asciidoc

@@ -73,8 +73,8 @@ Enables fips mode of operation. Set this to `true` if you run this {es} instance
 
 `xpack.security.fips_mode.required_providers`::
 (<<static-cluster-setting,Static>>)
-Optionally enforce specific Java JCE/JSSE security providers. For example, set this to `["BCFIPS"]` to require the Bouncy Castle FIPS
-security provider. Only applicable when `xpack.security.fips_mode.enabled` is set to `true`.
+Optionally enforce specific Java JCE/JSSE security providers. For example, set this to `["BCFIPS", "BCJSSE"]` (case-insensitive) to require
+the Bouncy Castle FIPS JCE and JSSE security providers. Only applicable when `xpack.security.fips_mode.enabled` is set to `true`.
 
 [discrete]
 [[password-hashing-settings]]