I was trying to Install OID (Oracle Identity Manager) and I got this error :
Problem:
at oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager.start(StandardConfigActionManager.java:186)
at oracle.as.install.engine.modules.configuration.boot.ConfigurationExtension.kickstart(ConfigurationExtension.java:81)
at oracle.as.install.engine.modules.configuration.ConfigurationModule.run(ConfigurationModule.java:86)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism
at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:88)
... 31 more
Caused by: java.lang.SecurityException: The jurisdiction policy files are not signed by a trusted signer!
at javax.crypto.JarVerifier.verifyPolicySigned(JarVerifier.java:328)
at javax.crypto.JceSecurity.loadPolicies(JceSecurity.java:317)
at javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:262)
at javax.crypto.JceSecurity.access$000(JceSecurity.java:48)
at javax.crypto.JceSecurity$1.run(JceSecurity.java:80)
at java.security.AccessController.doPrivileged(Native Method)
at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:77)
Cause:
My current version of java was 1.8.* which is not fully supported.
In this case JDK 1.8.0.1 is installed on all nodes in the cluster and JCE local policy version 6 was used for AES 256 kerberos encryption. JCE must be in sync with the JDK version.
[oracle@linux06 jdk1.8.0_111]$ cd ..
[oracle@linux06 java]$ ls
default jdk1.8.0_111 latest
[oracle@linux06 java]$ cd default/
[oracle@linux06 default]$ ls
bin javafx-src.zip man THIRDPARTYLICENSEREADME-JAVAFX.txt
COPYRIGHT jre README.html THIRDPARTYLICENSEREADME.txt
db lib release
include LICENSE src.zip
Solution:
Download :
For Java 6 use :
http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
For Java 7 use :
http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
For java 8 use :
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
******************** ******************** ********************
Update java with with new java unlimted jusrisdiction :
******************** ******************** ********************
After download and unzip :
[oracle@linux06 JCE]$ unzip jce_policy-8.zip
Archive: jce_policy-8.zip
creating: UnlimitedJCEPolicyJDK8/
inflating: UnlimitedJCEPolicyJDK8/local_policy.jar
inflating: UnlimitedJCEPolicyJDK8/README.txt
inflating: UnlimitedJCEPolicyJDK8/US_export_policy.jar
[oracle@linux06 JCE]$ ls -ll
total 16
-rw-rw-r--. 1 oracle oracle 8409 Dec 14 10:39 jce_policy-8.zip
drwxrwxr-x. 2 oracle oracle 4096 Dec 20 2013 UnlimitedJCEPolicyJDK8
[oracle@linux06 JCE]$ pwd
/u01/app/SFTW/JCE
[oracle@linux06 JCE]$ ls
jce_policy-8.zip UnlimitedJCEPolicyJDK8
[oracle@linux06 JCE]$ cd UnlimitedJCEPolicyJDK8/
[oracle@linux06 UnlimitedJCEPolicyJDK8]$ ls
local_policy.jar README.txt US_export_policy.jar
******************** ******************** ********************
as root user backup and replace files (US_export_policy & local_policy.jar)
******************** ******************** ********************
[oracle@linux06 security]$ su root
Password:
[root@linux06 security]# ls
blacklist java.policy local_policy.jar
blacklisted.certs java.security trusted.libraries
cacerts javaws.policy US_export_policy.jar
[root@linux06 security]# cd /usr/java/default/jre/lib/security
[root@linux06 security]# mv US_export_policy.jar US_export_policy.jar_bak
[root@linux06 security]# mv local_policy.jar local_policy.jar_bak
[root@linux06 security]# ls -ll
total 164
-rw-r--r--. 1 root root 4054 Sep 22 18:23 blacklist
-rw-r--r--. 1 root root 1273 Sep 22 18:23 blacklisted.certs
-rw-r--r--. 1 root root 112860 Sep 22 18:23 cacerts
-rw-r--r--. 1 root root 2466 Sep 22 18:23 java.policy
-rw-r--r--. 1 root root 27358 Sep 22 18:23 java.security
-rw-r--r--. 1 root root 98 Sep 22 18:23 javaws.policy
-rw-r--r--. 1 root root 3405 Sep 22 18:35 local_policy.jar_bak
-rw-r--r--. 1 root root 0 Sep 22 18:23 trusted.libraries
-rw-r--r--. 1 root root 2920 Sep 22 18:35 US_export_policy.jar_bak
[root@linux06 security]# pwd
/usr/java/default/jre/lib/security
[root@linux06 security]# cp /u01/app/SFTW/JCE/UnlimitedJCEPolicyJDK8/US_export_policy.jar /usr/java/default/jre/lib/security
[root@linux06 security]# cp /u01/app/SFTW/JCE/UnlimitedJCEPolicyJDK8/local_policy.jar /usr/java/default/jre/lib/security
[root@linux06 security]# ls -ll
total 172
-rw-r--r--. 1 root root 4054 Sep 22 18:23 blacklist
-rw-r--r--. 1 root root 1273 Sep 22 18:23 blacklisted.certs
-rw-r--r--. 1 root root 112860 Sep 22 18:23 cacerts
-rw-r--r--. 1 root root 2466 Sep 22 18:23 java.policy
-rw-r--r--. 1 root root 27358 Sep 22 18:23 java.security
-rw-r--r--. 1 root root 98 Sep 22 18:23 javaws.policy
-rw-r--r--. 1 root root 3035 Dec 14 10:47 local_policy.jar
-rw-r--r--. 1 root root 3405 Sep 22 18:35 local_policy.jar_bak
-rw-r--r--. 1 root root 0 Sep 22 18:23 trusted.libraries
-rw-r--r--. 1 root root 3023 Dec 14 10:46 US_export_policy.jar
-rw-r--r--. 1 root root 2920 Sep 22 18:35 US_export_policy.jar_bak
No comments:
Post a Comment