Jce policy

Similar Messages

• Installation error in JCE policy

  I am getting an error while installing NW 2004s SR1 while giving JCE policy path.
  Java version:j2sdk1.4.2_13
  Error is:
  ERROR 2007-12-12 15:02:55
  FCO-00011  The step collect with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_GetSidNoProfiles|ind|ind|ind|ind|1|0|collect was executed with status ERROR .
  ERROR 2007-12-12 15:02:55
  MOS-01185  The subkey 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfeeFramework' does not exist on the 'localhost' host.
  Pls help out of this problem

  Hello,
  I am having trouble installing
  SAP NetWeaver 2004s Java Trial Version (SP9)
  I get to the screen JCE unlimited strength jurisdiction policy archive,
  then I put the file C:\jce_policy-1_4_2\jce.
  It gives me error. It says the file does not exist.
  I downloaded the above file from sun web site, "http://java.sun.com/j2se/1.4.2/download.html".
  Can anyone help?
  The above file C:\jce_policy-1_4_2\jce\ contains
  local_policy.jar and US_export_policy.jar.
  Am I doing the right thing? Can anyone help?
  Thanks,
  Ajay Dharia

• JCE Policy checking at runtime

  I would like to check what the JCE policy allows at runtime. The basic idea here is to check what is allowed, and let the user know if there is a problem before getting into things farther. It appears that javax.crypto.CryptoPermission should be an object (I can find source for it floating around) but its not accessible at the runtime for java 1.5/1.6 . So how do I check what permissions are allowed?

  Actually that was just for testing purposes. On my remotely running JBoss AS under linux, I'm using some already implemented jndi technique *(DataSource)ctx.lookup* to connect to the db, there are some db specific (and in general other) configurations already done on the JBoss AS, where as on my locally running tomcat i have just kept the db settign very simple (basic jdbd/odbc connectivity)
    //JBOSS
          try
            ctx = new InitialContext();
          catch (NamingException e)
            System.err.println("Context Lookup Failed");
          ds = null;
          try
            ds = (DataSource)ctx.lookup("java:/IntegraDS");
          catch (Exception e)
            e.printStackTrace();
            System.err.println("Context Lookup Failed");
          conn = ds.getConnection();
          //TOMCAT
            String userName = "admin";
            String password = "xxx";
            String url = "jdbc:mysql://hh-linux1:3306/IntegraDB";
            Class.forName ("com.mysql.jdbc.Driver").newInstance ();
            conn = DriverManager.getConnection (url, userName, password);
            As i'm doing development locally so each time i had to comment the latter section before i deploy the application on jboss. hence i asked to put some check for the AS.
  With the latter part of the code, Jboss DB connectivity does not work, i hope u still remember the previous thread. That problem is still unclear to me, I tried to even give full rights to that user but still it didn't work. And with the JNDi settings used by some other project for the JBoss/DB connectivity now i'm accessing the db.
  I know it's not a good idea to have such kidn fo workarounds, but will look into that problem later when i have some time.
  thanks.

• Differences in JCE policy files between java 1.4 and 1.5?

  I'm using a app that needs JCE unlimited strength policy files to start. Attempting to start with limited strength policy files with Java 1.4 installed will give:
  java.security.InvalidKeyException: InitVerify error: java.lang.RuntimeException: engineGetKeySize() is not supported by this cipher!
  however, running the same app on java 1.5 with limited strength policy files does not give this problem. I've checked http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html#AppE and http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#AppE and the maximum allowed keysizes are identical. Has something else changed in the JCE policy files between these java versions? Can anyone tell me what's going on?

  Incubus wrote:
  say I have a code that does:
  public void StringConcat(){
  int noOfIter = 10000;
  for(int i = 0; i < noOfIter; i++){
  String s = "String " + i + " Being " + i + "concatenated " + i + "using " + i + "String" + i + "Builder";
  If I compile this in 1.4 ( i.e using javac -source 1.4); the decompiled code looks the same.
  But if I do so in 1.5 ( i.e if I decompile the same code compiled using javac -source 1.5), this is how it looks:
  public void StringConcat(){
  int noOfIter = 10000;
  for(int i = 0; i < noOfIter; i++){
  String s = (new StringBuilder).append("String ").append( i).append( " Being ").append( i).append( "concatenated ").append( i).append( "using ").append( i).append( "String").append( i).append( "Builder").toString();
  The above was the compile time optimization I was talking about.What makes you think that the decompiler is not the problem?
  The ONLY difference between 1.5 and 1.4 in that case is that one uses StringBuilder and one uses StringBuffer. And StringBuffer is faster.
  Just wanted to know, are there any other differences in compile time optimizations between 1.4 and 1.5.I suggest that you go look at the read me. And I also suggest that you become familar with byte codes and stop assuming that a decompiler is going to tell you anything.

• Distributing software with unlimited strength JCE policy files

  I'm about to release some software that uses AES 256-bit encryption. I had to download the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6" to do this level of encryption. I'd like to distribute my software with a bundled version of the JRE that includes these policy files. The software will be available to download from the Internet for those who pay for the service. Placing it on the Internet is technically an export because it's available to anyone in the world.
  I've talked to the Bureau of Industry and Security and they said I need to file for a classification number (ECCN). Is this necessary if I'm using Sun's software? The JCE has already been through the export approval process so it would make sense if just including it in my software required nothing. I haven't been able to find any information about what to do legally if using the unlimited strength policy files. What laws do I need to know about or comply with to do this? Also, are there any legal ramifications of including the JRE with my software? I'm using a custom jre launcher that lets me bundle whatever jre I want with my software, so I assume it's a common practice, but I'm not sure.
  Any help would be appreciated.

  I posted this question on other sites as well, but never heard any good answers.
  I've had to do some research and I've heard a few different things, but this is what I've learned:
  Software being exported (putting on the Internet is an export) that contains symmetric encryption above 64-bit requires filling out a BIS-748P form. I had to first of all request a PIN and CIN (company id number) from the BIS so that I can access their SNAP-R system which is where you fill out and submit all the paper work (including the BIS-748P) online. I haven't filled that out yet, but once you do they will review your software and classify it with an ECCN number and depending on what if falls under they will require you to obtain a license or license exception. For what I'm doing (and what most probably need this for), a license is not needed. It's simply classified as a type of encryption software and they know who you are and what you're doing with it.
  Until this is filed, the software is under a certain statute as to what you can do with it and there's a lot of legalities behind this entire process that I don't fully understand, but I think filling this paperwork out and talking to those who receive it is a good place to start.
  I'm not a lawyer by any means and I could be missing some details, but this is what I understand about the process. If you learn anything else (or find some of this to be untrue), let me know.

• Java Kernel and the "Unlimited Strength Java Crypto Extension Policy Files"

  Is Java Kernel able to download and install on-demand the "Unlimited Strength Java(TM) Cryptography Extension Policy Files"?
  Currently, I have to instruct the users of my applications to download those policy files from Sun's website and follow the installation instruction. I haven't received any positive feedback from my users when I told them to do this task. I understand them. Manual installation of this files really suck especially for lay men.
  So, with Java Kernel, what's the plan? Can I hope for something better?

  I believe, for US export-control reasons, the Unlimited Strength JCE policy files are never automatically downloadable by the JVM - they have to be explicitly downloaded and configured. However, you could download it yourself, configure the JVM with the policy files, create your own ZIP/JAR file and internally distribute it to your users through your intranet. But, if you do this, you are responsible for complying with the applicable export laws of your country, and perhaps, Sun licensing terms for redistributing the JVM.

• JCE Unlimited Strength 11gR2 problem

  We download the unlimited strength JCE policy files (Java 1.5) and replaced local_policy.jar and US_export_policy.jar in javavm but no change in our error.
  we did not find useful and exact solution for 11g, need extra steps? thanks.

  we allocated the problem, we use BouncyCastle in database with loadjar and Oracle does not find the BC, error is
  KeyGenerator not available
  what is the solution? or a bug?

• Error during Installation - CE 7.2 - JCE

  Hello experts,
  I am trying to install NW CE 7.2 on Windows Vista.
  When i try to select Java Cryptography Extension (JCE) policy jar files, i get an error stating "Invalid Zip file"
  i have downloaded JCE files according to the note 1240081 given by SAP
  Any pointers regarding this will be useful.
  Regards,
  Vivek
  Edited by: Vivek D K on Mar 3, 2010 1:12 PM

  Hi
  Try this one
  https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=jce_policy-6-oth-JPR@CDS-CDS_Developer
  BR
  Satish Kumar

• Java Crptographic  Extension Policy Archive

  I tried to install  the JCE policy ,but setup is still not accepting it,Any body have idea
  I trying to install full java trial ver

  Hi,
  had some struggle with that one too installing IDES ERP2005 (I guess it's the same with the java trial).
  You have to put the jce_policy-1_4_2.<b>zip</b> into your j2sdk1.4.2_12 directory. That way I got sapsetup to accept it.
  Peter
  Reward points, if helpful, always appreciated

• Portal Runtime Error while performing User Mapping  to SAP SRM

  Please find below the error I received while User Mapping from  Enterprise Portal to SAP SRM :
  Portal Runtime Error
  An exception occurred while processing a request for :
  iView : pcd:portal_content/administrator/super_admin/super_admin_role/com.sap.portal.user_administration/com.sap.portal.user_mapping/com.sap.portal.userMappingAdmin/com.sap.portal.userMappingAdmin
  Component Name : com.sap.portal.usermanagement.admin.UserMappingAdmin
  User Mapping not fully available..
  Exception id: 04:21_23/06/05_0073_8097650
  See the details for the exception ID in the log file

  Hi,
  yes, Karsten is correct. Just some background:
  "User Mapping not fully available.." finally means that user mapping is configured to use strong encryption, but the main crypto key for user mapping is missing. Usually, that's because "SAP Java Cryptographic Toolkit" and/or "JCE policy files for unlimited strength encryption" are not installed (or the server hasn't be restarted afterwards). The note will most likely help
  Best regards
  Heiko

• Issue while doing Java Stack Installation on NW 7.0 on oracle 10g

  Hi All,
  I am facing issue during Installation of JAVA Stack on NW7.0 on Oracle 10g
  SecureStoreCreate.log
  java.lang.reflect.InvocationTargetException
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
          at java.lang.reflect.Method.invoke(Method.java:391)
          at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
  Caused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246)
  Regards
  Punit

  Hi Punit,
  What version of JDK have you installed, check the JCE policy file you have provided during the installation.
  Cheers,
  Phanindra M

• Installation error in EP EHP1 NW

  Dear experts,
  I am installing EP EHP1.While installing the phase " create secure store " getting an error .
  WARNING[E] 2009-10-07 05:40:26.345
             CJSlibModule::writeError_impl()
  CJS-30050  Cannot create the secure store. SOLUTION: See output of log file Secu
  reStoreCreate.log:
  SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
  java.lang.reflect.InvocationTargetException
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
  java:88)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
  java:61)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
  sorImpl.java:60)
          at java.lang.reflect.Method.invoke(Method.java:391)
          at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81
  Caused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.
  java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecSt
  oreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.ja
  va:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed
  by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246
          ... 20 more.
  ERROR      2009-10-07 05:40:26.607 [sixxcstepexecute.cpp:950]
  FCO-00011  The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|
  Kindly guide me please.
  Regards,
  kiruba.

  by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers! at javax.crypto.b.
  There seems to be a problem with the JCE policy file that you provided during installation.
  Kindly download it again.
  Then find the current policy file on the installation server and replace it.
  Then retry the current installation.
  OR
  Start SAPinst again and start a new installation

• Error installing CE 7.1 Trial

  Hi everyone!
  I'm trying to install the trial version of SAP CE 7.1 on a windows XP Pro Machine.
  I successfully installed it on my laptop so I don't know whats happening.
  In steps.xml:
  <i><taskexecution start="20071017115418" end="20071017115431" description="Prepare first start of Application Server Java" className="com.sap.xpf.controller.TaskExecutionStep" status="error" name="CALL_BOOTSTRAP">
      <taskname>callBootstrap</taskname>
      <setVariable value="$(DIR/GF/EXE)" name="DIR/GF/EXE"/>
      <setVariable value="$(DIR/GF/PROFILE)/$(AS/PROFIL_NAME)" name="JEE_PROFILE"/>
    </taskexecution></i>
  But looking  in the install.log file doesn't help.
  Can anyone help me or has faced the same problem?
  Thank you all.

  I think the problem is related with JCE Policy, the problem now is that when I begin the installation it doesn't require to me to specify where JCE Policy file is located while in previous installations it did.
  Does anyone know why it's no asking me to introduce the parth of that file?
  Thank you

• Error in installing MySap 2004s SR1 with DB2 and IBM AIX.

  Hello Gurus,
  I am installing MySap 2004s SR1 with DB2 and IBM AIX.
  I am facing the following error :
  <b><i>ERROR 2006-11-08 18:33:01
  MDB-01101  Installed Software Level '08.02.0002' is insufficient for this installation ...</i></b>
  <b><i>ERROR 2006-11-08 18:33:01
  MUT-03025  Caught ESAPinstException in Modulecall: ESAPinstException: error text undefined.
  ERROR 2006-11-08 18:33:01
  FCO-00011  The step DB6CheckSoftwareLevel with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_GetSidNoProfiles|ind|ind|ind|ind|1|0|NW_getDBInfo|ind|ind|ind|ind|2|0|NW_DB6_Initialize_Db_Software_Info|ind|ind|ind|ind|3|0|DB6CheckSoftwareLevel was executed with status ERROR .</i></b>
  As this occered in the phase "Install JCE Policy".
  I have even tried to get the latest version But I am not succesfull.
  Please help.
  Regards,
  Chandra Sekhar Reddy.

  Dear Dirk,
  Thanks once again I have installed FP12 and the error is gone.
  But here I have one more error triggered, Here I am pasting the log.
  Please help me.
  <i><b>ERROR 2006-11-08 22:02:36
  FSH-00006  Return value of function getgrnam(dbdevmnt) is The process does not exist..
  ERROR 2006-11-08 22:02:36
  MUT-03025  Caught ESyException in Modulecall: ESAPinstException: error text undefined.
  ERROR 2006-11-08 22:02:36
  FCO-00011  The step createAccounts with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_Users_Create_Do|ind|ind|ind|ind|4|0|createAccounts was executed with status ERROR .</b></i>
  Please help me out.
  Thanks,
  Chandra Sekhar Reddy.

• Netweaver Developer Studio Installation

  I am installing developer studio with Sql server along with java engine. But during the installation after giving the path of the JDK and JCE policy following installation occurs.
  ERROR 2008-05-27 12:38:25
  MOS-01185  The subkey 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DPS' does not exist on the 'localhost' host.
  ERROR 2008-05-27 12:38:25
  FCO-00011  The step collect with step key |NW_Workplace|ind|ind|ind|ind|0|0|NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_GetSidNoProfiles|ind|ind|ind|ind|2|0|collect was executed with status ERROR .

  you can refer to http://www.dachun.org/IS-SAP/QA/m/MOS-01185__The_subkey_HKEY_LOCAL_MACHINE_SYSTEM_CurrentControlSet_Services_DPS_does_not_exist_on_the_localhost_host.htm