The provider SunJCE may not be signed by a trusted party...

Similar Messages

• The provider BC may not be signed by a trusted party

  Hi all,
  I have encountered the runtime error of...
  [error] java.lang.SecurityException: The provider BC may not be signed by a trusted party [error]
  ...while using j2sdk1.4.2_04
  Meanwhile the same piece of test code didn't prompt any error if I use jdk1.3.1_06
  I guess I have done the necessary steps:
  - install the unrestricted policy files at <JAVA_HOME>/jre/lib/security
  - place my bcprov-jdk14-122.jar at <JAVA_HOME>/jre/lib/ext
  What's really wrong? Can someone please guide? Many thanks in advanced...

  FYI, I also done the following steps according to thread at http://forum.java.sun.com/thread.jsp?thread=487735&forum=9&message=2293004
  >
  Solution: Place the following archive files in the directory %java_home%/jre/lib/ext:
  - the unrestricted JCE archives; local_policy & US_export_policy (available for download)
  - the jce archive from %java_home%/jre/lib/security
  - you should also already have the sunjce_provider but in case you are missing it add it here also
  However, according to this...
  >
  You can try placing all security related jars(US_export_policy.jar,sunjce_provider.jar,Jce1_2_2.jar,local_policy.jar) on the following folder jdkhome\jre\lib\ext.
  Why do I need to place Jce1_2_2.jar in my ext path since I am already using j2sdk1.4.2_04?

• The provider ABA may not be signed by a trusted party

  I am trying to upgrade from 1.3.1_06 to 1.4.2_10 and I have an issue using the JCE solution I currently use. I have managed to sign the jce.jar file and have put it in the /lib/ext/ directory so it's permissions have all been correctly set. I have also exported the signing certificate and imported it into the CACERTS file, I am still however getting the error in the subject, Can anyone help with this.

  Is this a provider that provides JCE functionality (Cipher/KeyAgreement/MAC/etc.)? If so, did you sign with a JCE code signing cert issued from Sun, or from a cert you created?
  Also, I would suggest maybe using a different name than jce.jar, so you don't inadvertantly create confusion with the Sun jce.jar file.

• Java.lang.SecurityException: The provider SunJCE may not be signed by a tru

  Hi All,
  I am trying to implement AES using SunJCE,
  I am running it with j2sdk1.4.2_09
  from Eclipse 3.1
  the jar file is as is and was not tampered with, tried with bouncy castle and still get the same error, is it to do with eclipse, if yes suggest work around
  Here is the code
  import javax.crypto.Cipher;
  public class PrecedenceTest
  public static void main(
  String[] args)
  throws Exception
  Cipher cipher = Cipher.getInstance("AES", "SunJCE");
  System.out.println(cipher.getProvider());
  Please advice me as to what is wrong
  Thanks in advance
  slogger

  This is a FAQ here.
  http://forum.java.sun.com/thread.jspa?forumID=9&threadID=611770

• Error: provider may not be signed by a trusted party

  I am running with the latest Cryptix JCE, and I getting "provider may not be signed by a trusted party" error when using the Cipher Engine. I ran with the supplied cryptix-jce-provider.jar file and one that is signed by me using a code signing certificate obtained from SUN. I have the same error in both cases. The error message said that the jar should not be signed by a trusted party, but I think it is supposed to mean it is not signed by a trusted party. Does anybody know what's is going on, and why am I getting this error?
  - Tak

  I do not have this problem if I am running as root. But if I am a normal user, I am getting this error or "cannot find any provider supporting RSA/ECB/PKCS#1 depending on what I am doing. Please note that I am putting the provider jar file in the jre/lib/ext directory. If I run my test with the provider specified as part of the classpath, then it worked OK regardless who I am. Does anybody have any ideas?
  - Tak Sze

• Problem: MyProvider is not signed by a trusted party

  Hi, I'm Patrik, from university of Bologna, Italy.
  I'm developing a small application that include 6 different Ciphers. Some of this ciphers are "strange" like Caesar's Ciphers, and are not available in standard Providers; then I've decided to implement my own provider.
  To begin I've implemented only One provider, called "MyProvider", I've compiled it, then I've build a JAR file. Then I've put it into the directory "{$Java.Home}"/lib/ext . Then I've tested It, but I receive the error message:
  The provider MyProvider may not be signed by a trusted party.
  I've tried to do it work in a lot of ways:
  (1) Signing the JAR
  (2) Modifyng permissions in java.security and in java.policy
  (3) Downloading the unlimited strebgth jurisdiction files.
  But I always receive the same error Message. It's a nightmare !!
  It's possible to build a provider for JCE and do it work on my Computer ?
  ( I'm using jdk1.4.1 )
  Thanks in advance : Patrik ( [email protected] )

  The Sun JCE will only instantiate Providers that are signed by Sun - and they'll only sign Providers for "major vendors". To implement your own Provider, I believe you need to find a "clean room" replacement for the jce.jar, and use it instead of the one in the JDK. I don't have any pointers handy, but I'm pretty sure there is such a beast out there - perhaps someone else can provide us with a URL.
  Grant

• HT1766 I have an I pad Mini. Since i down loaded the new update ISO 7, my I Pad is not running certain media files either from Chrome or Safari browser. I called technical support but they failed to provide any help stating the media files may not be comp

  I have an I pad Mini. Since i down loaded the new update ISO 7, my I Pad is not running certain media files either from Chrome or Safari browser. I called technical support but they failed to provide any help stating the media files may not be compctable with new soft ware. I do bnot agree with their finding because i have I phone with ISO 7 updated soft ware and same files run on my I phone but not on I Pad. This was working fine before updating new software. This device is useless for me if i can not watch the program that i bought this for. I want device to replaced or taken back by the company. Thank you

  Here are the iPad Mini specifications:
  iPad mini - Technical SpecificationsNov 1, 2012
  The specifications explain exactly what types of files are supported under "TV and Video".

• Connection Failed: The server "name" may not exist or it is unavailable...

  So I think I know what caused this problem, but I can't figure out how to make it stop...
  When I go to print, if I try to click on the pop-up to change the default printer setting, there's a LONG delay, then I get a dialog that says:
  Connection Failed
  The server "name" may not exist or it is unavailable at this time. Check the server name or IP address, check your network connection, then try again.
  Then there's another delay and I get the message a second time. I can then select any of my printer settings and print fine, it's just an annoying delay if I click on that pop-up accidentally or need to change it.
  I have a new iMac and I migrated from my old G5. The "name" of the server it is seeking is my old G5, so that must be in the settings somewhere, but I can't find it. I tried going into the Print & Fax settings in System Preferences, deleting the printer there, and then re-adding, but that didn't clear it up.
  Thanks for any insight you can provide!
  --John

  Hmm, well, this stopped working again for me. I tried swapping ethernet and re-installing the Airport client update - to no avail. I could always see my Mac shares from PCs though. However, I have (for now) managed to connect to the PC using ip address rather than name even though finder quite clearly sees the name. Does your printer connection work by ip rather than name ? I'm going to play name lookup detective for a bit now - it's some kind of Netbios name lookup issue I guess as I've no local DNS service. resolv.conf is apparently not used so a bit of learning to do! ...
  ... nmblookup seems to work but nslookup doesn't. Looks like SL connect via Finder isn't using nmblookup properly and I can't see how to make that work. When this gets reported enough it should get a publicised work-round or a fix. If only I can get dig/nslookup to slave out to nmblookup ...must be something I can configure for that ??

• The product archive is invalid. The installer package may not include paths

  I try again here, since we got no further and this message is becoming a show-stopper for us.
  We have a simple app-file and build a package from this with Productbuilder only using
  productbuild --component 'INtex Fahrtenbuch AS.app' --sign '3rd Party Mac Developer Installer: INtex Publishing GmbH & Co. KG' 'InstallationINtexFahrtenbuchAS.pkg'
  Furthermore we checked for extended attributes everywhere with
  ls -lad@ *
  and removed any with
  xattr -d -r com.apple.FinderInfo *
  xattr -d -r com.apple.ResourceFork *
  Packaging with Product Builder went fine and installation test with sudo was no problem.
  Still we can´t upload our installer to iTunes connect. Message is once again but this time only:
  The product archive is invalid. The installer package may not include paths outside of a bundle.
  What can we do about that ? There is no path outside the bundle ...

  lemkesoft wrote:
  I have here the same problem with one of my apps.
  Do you have any solution now?
  Welcome to Apple Discussions, Mr. GraphicConverter
  The standard suggestion is to clean and rebuild. There were a number of such posts on the paid Developer Forums a few weeks ago, but nothing since.

• The core clock is slow or no core clock connected for this ILA or the ILA core may not meet timing.

  [Labtools 27-1395] Unable to arm ILA 'hw_ila_1'. The core clock is slow or no core clock connected for this ILA or the ILA core may not meet timing.
  I have seen related forums but cant get any help. My timing is completely fine. I tried all JTAG frequencies from 1.5MHZ to `12 MHZ. My clk for ILA core runs at 100 MHZ.
  If i remove one IP , then the ILA core works.  THE BD is attached. If i remove the right most IP(HLS_croppin) it works. I really cant understand. There is nothign worng with the timin in either case.

  There are four possible reasons for this problem:
  - The trigger condition is never met;
  - The trigger clock (clock mapped to the ILA Core) is stopped;
  - A known issue exists with the Storage Qualification feature;
  - BUFG is not being used on JTAG CLK (for the ICON).
  The trigger condition is never met
  Check the message at the bottom of the ChipScope Analyzer window. If it is similar to "Waiting for trigger, Sample buffer has 0 samples(0%)," proceed as follows:
  1. Go to "Trigger Setup" and "Trigger Immediate." If ChipScope Analyzer starts the acquisition and shows the samples (the waveform appears), your design is fine; the clock is running, but your trigger condition never occurs.
  2. In the "Trigger Setup windows, ensure that you have set the condition correctly if you are sure that this event (the trigger condition) happens in your design.
  The trigger clock is stopped
  If the message at the bottom of the window is similar to "Waiting for Core to be armed, slow or stopped clock," the trigger condition is not the problem -- the ILA Core does not have a valid clock and is not able to start the acquisition. To fix this, ensure that you have mapped a valid clock (in ChipScope Inserter or ChipScope Generator). If you are not sure if the clock mapped to the ILA Core is running, try to connect your system clock instead (or a clock that you are sure is running).
  BUFG is not used on ICON's JTAG clock
  If the JTAG clock does not use a BUFG, the "Waiting for upload" message can appear.
  In some instances, slowing down the cable speed might provide a suitable work-around.
   

• '"Connection Failed" : The server "rrnas01" may not exist or it is unavailable at this time. Check the server name or IP address, check your network connection, and then try again' message

  '"Connection Failed" : The server "rrnas01" may not exist or it is unavailable at this time. Check the server name or IP address, check your network connection, and then try again' message keeps displaying whenever I try to open any Adobe CS5 applications (except for Adobe Acrobat Pro). It displays until I click "OK" about 15-20 times or so and then will finally let my program open.
  I have tried deleting files within my Library/Preferences folder and turning off/deleting login items within my system preferences as other forums suggested but nothing happened. Spending 3.5 hours on the phone with Adobe and completely uninstalling and then reinstalling the entire CS5 Master Collection didn't work either.
  Also, it may be helpful to know that my programs worked fine for about three weeks then when we got internet and changed the password (the join, not the adminstrative password) with the wireless network "ScubaSteve" (which I've used with no problems at my old apartment) it started acting up. I have never seen "rrnas01" before so I don't know at all where it came from. I also installed the free 30 day trial of Suitcase Fusion 3 recently, but thinking that could also be the cause I have uninstalled it, and still no help.
  Please help me! And please keep in mind I don't know all the computer lingo that a lot of the people in these forums seem to know. Thanks in advance for ny help you can give me.

  It may not be possible .. there is a major bug between Mountain Lion and the TC where the TC disk goes off the radar of the computer.
  Lion is also affected but not as badly.
  7.6.4 seems worse than earlier firmware.. so back to 7.6.1 or 7.5.2 if that is possible.
  Obviously that is not a solution for a later Gen5 TC.
  Reset to factory after the firmware downgrade. .use all network names that are short, no spaces and pure alphanumeric.
  If the TC is the main router set the dhcp to a very short lease time.. eg 30min.. and see how it goes, or try a longer lease like 99days.
  I prefer the very short lease but response has been mixed.
  Use ethernet not wireless.. ethernet is always more reliable and stable than wireless.
  And last .. a nightly electric timer that powers off every night at midnight for 1min.. would not be the first device we have suggested a fix that amounts to beat the unit to the punch by forcing it to reboot since it is unstable.

• Errors in the high-level relational engine. The data source view does not contain a definition for the table or view. The Source property may not have been set.

  Hi All,
  I have a cube in which i'm using the TIME DIM that i created in the warehouse. But now i wanted a new measure in the cube which is Average over time and when i wanted to created the new measure i got a message that no time dim was defined, so i created a
  new time dimension in the SSAS using wizard. But when i tried to process the new time dimension i'm getting the follwoing error message
  "Errors in the high-level relational engine. The data source view does not contain a definition for "SSASTIMEDIM" the table or view. The Source property may not have been set."
  Can anyone please tell me why i cannot create a new measure average over the time using my time dimension? Also what am i doing wrong with the SSASTIMEDIM, that i'm getting the error.
  Thanks

  Hi PMunshi,
  According to your description, you get the above error when processing the time dimension. Right?
  In this scenario, since you have updated the DSV, it should have no problem on the table existence. One possibility is that table has been specified for tracking in the notifications for proactive caching, but isn't available any more for some
  reason. Please change the setting in Proactive Caching into "MOLAP".
  Reference:
  How To Implement Proactive Caching in SQL Server Analysis Services SSAS
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou
  TechNet Community Support

• The required version of java ,1.4.2_06, is not the latest and may not conta

  Hi
  I've implemented SSL on Discoverer and it works fine,
  the problem comes when discoverer laucnhes it pops up with this massage
  the required version of java ,1.4.2_06, is not the latest and may not contain latest security updates.
  I the click on yes, and then it takes about five minutes to work.
  I followed metalink note 427930.1 and it did not help.
  I'm busy going thru matalink note 290807.1
  can someone please help.
  Thanks
  Sibusiso

  Change your formsweb.cfg to use JRE 1.6.0_27. It is not a good idea to use old JRE versions. Each new release includes bug fixes as well as security enhancements. Using old versions may leave your system at risk of exposing bugs and/or security vulnerabilities. Since Forms 11 is certified with 1.6.0_12 and supported with all 1.6.0_12+ versions, moving to the latest in the 1.6 series is a good approach.
  Alternatively, disable the Autoupdate feature in the JRE, found on the JRE Control Panel.
  For future reference, there is a Forum specifically dedicated to JRE issues/questions:
  Java Runtime Environment (JRE)

• What Are the Security Implications of not Completely Signing Database?

  Hello everyone,
  What are the security implications of not completely signing the database?
  From http://www.archlinux.org/pacman/ ,
  The following quote implies that the database exists merely just in case hand tweaking is necessary:
  maintains a text-based package database (more of a hierarchy), just in case some hand tweaking is necessary.
  However, considering that there are cases that pacman's local database needs to be restored, there are implications that the database is essential for pacman to function properly.
  From https://wiki.archlinux.org/index.php/Ho … l_Database :
  Restore pacman's local database
  Signs that pacman needs a local database restoration:
  - pacman -Q gives absolutely no output, and pacman -Syu erroneously reports that the system is up to date.
  - When trying to install a package using pacman -S package, and it outputs a list of already satisfied dependencies.
  - When testdb (part of pacman) reports database inconsistency.
  Most likely, pacman's database of installed software, /var/lib/pacman/local, has been corrupted or deleted. While this is a serious problem, it can be restored by following the instructions below.
  I know that all official packages (from core, extra, community, etc.) are signed so that all files should be safe, but I'm just paranoid.
  What if the database was hacked?  Will this lead to installation of harmful software?
  Sincerely,
  Cylinder57
  Last edited by Cylinder57 (2012-10-15 03:42:31)

  Cylinder57 wrote:
  From this quote:
  Allan wrote:But, the OP (also?) talks about the local package database on his computer.  That is not signed at all as there is no point.  If someone can modify that, then they can regenerate the signature, or just modify any other piece of software on your computer.
  Is it going to be easy for anyone other than the authorized user to modify the local package database?
  Allan basically answered that with the quote above already as I understand it. Someone who has access to the installation, e.g. is able chrooting your PC via USB, is not held back by any ACLs. However, modifying the local database only makes limited sense because the packages are already installed. Pacman would only recheck, if you re-install a package. The only really relevant attack vector for the package database is
  (1) installing an older package with a vulnerability,
  (2) re-placing the up-to-date package sig in the local database with the older one and
  (3) modifying the system, e.g. via pacman.conf excludes, to not update that.
  then also re-installing would not create a sig-error and you get stuck with the bogus old package.
  With a signed database this would not be possible. However, as Allan wrote earlier also with a signed database that criminal can manually install (totally leaving pacman & package cache) whatever it needs in this scenario. So, if you are -really- paranoid about that, you probably want to spend (a lot of configuring) time with something like the "aide" package.
  Cylinder57 wrote:
  And, are the following statements correct:
  If the repository databases are modified, the hacker might be able to modify the packages on the server (Considering that if someone can modify the local package database, that person can modify any other piece of software on that particular computer.)
  However, pacman won't let users from installing the modified packages (due to package signing,) unless at one person with access is bribed (at least, for an individual package.)
  I don't know the intricacies of the server infrastructure - only saw they have great names :-), but I am pretty certain your statements assume that correctly. It is pretty unlikely that someone able to modify the central repository database fails at placing a bogus package for shipping with those access rights at this time. Yet it does no harm not to post any details of such a scenario here imo. In any case: A compromised mirror would be enough for that - and easier to achieve (hacked anywhere or e.g. in a non-democratic state). Plus you also answered it yourself. The keys are key for our safety there. Which keeps me hoping that no criminal lawnmover salesmen frequent the Brisbane area.
  As you put up a thread about this, one question you can ask yourself is:
  Have you always checked on updates new signatures keys which pacman asks about? If you ever pressed "accept/enter" without checking them out-of-band (e.g. the webserver), that compromised mirror database might have just created a "legitimate" key .. user error, but another attack vector the database signing would catch.
  edit: Re-thinking the last paragraph just after posting, I now believe it would not be that easy as implied - simply because the bogus key is not trusted by one of the master keys. The pacman pgp trust model should catch that without database signing. At least it would if only the official repositories are activated, but that's a pre-requisite to the whole thread.
  Last edited by Strike0 (2012-10-20 23:01:26)

• ORA-26004: Tables loaded through the direct path may not be clustered

  hi ,
  I im planning to upload data to IOT table using sqlldr. but end with error.
  ORA-26004: Tables loaded through the direct path may not be clustered.
  how to resolve this. as this table going to insert high voluem data and to speed up the table quary we created IOT table.
  table create syntax:
  create CLUSTER C_HUA
  B_number number(10),
  A_number number(10),     
  ins_date date,
  account number(10),
  C_number number(10))
  SQL> CREATE TABLE HUA
  A_number number(10),
  B_number number(10),
  ins_date date,
  account number(10),
  C_number number(10)
  CLUSTER C_HUA
  B_number,
  A_number,
  ins_date,
  account,
  C_number);
  SQL> CREATE INDEX HUA_index1 on CLUSTER C_HUA;
  Pl help to resolve this.
  thanks
  ashwan

  You have to use conventional path. DIRECT=false.
  Restrictions on Using Direct Path Loads
  The following conditions must be satisfied for you to use the direct path load method:
  * Tables are not clustered.
  * Tables to be loaded do not have any active transactions pending.
  * Loading a parent table together with a child Table
  * Loading BFILE columns