| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Updating unrestricted policy files in IIB |
« View previous topic :: View next topic » |
| Author |
Message
|
| kash3338 |
 Posted: Fri Jul 17, 2015 1:46 am Post subject: Updating unrestricted policy files in IIB |
 |
|
Shaman
Joined: 08 Feb 2009
Posts: 709
Location: Chennai, India
|
Hi,
We have a scenario wherein we need to do a encryption/decryption of the data sent to a provider. The algorithm to be used is "AES" (for encrypt-decrypt) / "RSA" for signing and verifying.
The key size is expected to be 256 but when we try to decrypt using 256 bit AES key, we are getting an error "java.security.InvalidKeyException: Illegal key size".
When we tried fixing this, it i suggested to update the Java security policy files in JRE (local_policy.jar). But since Broker uses its JRE, there are some default set of policy files which when modified throws run-time exceptions.
Have anyone come across this issue earlier and what could be the work around? |
|
| Back to top |
|
 |
| zpat |
| Posted: Fri Jul 17, 2015 2:08 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
Platform?
Error message?
What does the encryption?
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error. |
|
| Back to top |
|
|
| ganesh |
| Posted: Mon Jul 20, 2015 2:38 pm Post subject: |
|
|
Master
Joined: 18 Jul 2010
Posts: 294
|
| There is a local_policy.jar in the broker installation directory- \IBM\MQSI\{broker/iib version}\jre17\lib\security, did you replace that file? |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Tue Jul 21, 2015 4:14 am Post subject: Re: Updating unrestricted policy files in IIB |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| kash3338 wrote: |
Hi,
We have a scenario wherein we need to do a encryption/decryption of the data sent to a provider. The algorithm to be used is "AES" (for encrypt-decrypt) / "RSA" for signing and verifying.
The key size is expected to be 256 but when we try to decrypt using 256 bit AES key, we are getting an error "java.security.InvalidKeyException: Illegal key size".
When we tried fixing this, it i suggested to update the Java security policy files in JRE (local_policy.jar). But since Broker uses its JRE, there are some default set of policy files which when modified throws run-time exceptions.
Have anyone come across this issue earlier and what could be the work around? |
Well I am surprised that an illegal key size guides you to the policy files...
It is very clearly an ILLEGAL KEY SIZE.
So before you do anything else:
What is the key size of the cert you are trying to use?
What is the full name of the ciphersuite / cipherspec you are trying to use? 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
