stackoom
  简体   繁体   中英

java.lang.SecurityException: The jurisdiction policy files are not signed by a trusted signer

 原文  2012-03-16 22:15:49       java/ jsse

Question

In working on a different problem (related to RMI), I upgraded the system's "security folder" with the "unlimited strength" policy files and now my applicaiton fails in a different way. I get a long stack dump, of which following bits appear pertinent:

Exception in thread "main" java.lang.ExceptionInInitializerError

[...crop...]

Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism
        at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:86)
        ... 17 more
Caused by: java.lang.SecurityException: The jurisdiction policy files are not signed by a trusted signer!

[...crop...]

Um, WTF? The ONLY change was that I moved the orignal jar files aside and added the unlimited ones in $JAVA_HOME/lib/security. That directory now looks like this:

$ ls
blacklist      javaws.policy               trusted.libraries
cacerts        local_policy.jar            US_export_policy.jar
java.policy    local_policy.jar.strong     US_export_policy.jar.strong
java.security  local_policy.jar.unlimited  US_export_policy.jar.unlimited

Of course, the .strong and .unlimited version are there so I can switch back quickly.

The directions were short and plain, and it would appear that they ONLY envision the replacement of these two files (local_policy.jar and US_exportpolicy.jar).

What else is there to do?

Note that the versions of java and the policy files are the very youngest to date: 1.7.0_03, and jce_policy-6, respectively.

PS The article of similar title, found here , was of no help at all.

5 answers

solution1
 50 ACCPTED  2012-03-16 22:31:25

您应该使用Java 7的策略文件,而不是混合运行时和策略文件版本

solution2
 15  2013-07-17 12:45:01

This happens when Java version does not match with the version of policy files. You can download the relevant policy files from following links.

Policy jars for Java 8
Policy jars for Java 7
Policy jars for Java 6

solution3
 4  2014-09-16 15:56:51

This could happen if there are standard policy jar files somewhere in the classpath. I suggest to find and replace all the local_policy.jar and us_export_policy.jar files with the unrestricted versions of these jars in your machine. If you are using IBM's WAS/Portal Server/RAD, here is the link to the unrestricted JCE policy jars .

solution4
 4  2016-04-21 08:56:53

Its possible that you have different versions of the JDK. For example if your JAVA_HOME points to version 7, but in your path version 6 shows up before version 7, this error could pop up.

solution5
 0  2021-11-16 20:31:42

While changing the version in your local or server, You should copy original jre/lib/security folder as security8 and remove cacerts which refers to efs and instead copy from old security8. This worked for me.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question java.lang.SecurityException: The jurisdiction policy files are not signed by the expected signer Caused by: java.lang.SecurityException: The jurisdiction policy files are not signed by the expected signer! java.lang.SecurityException: The Jar (/opt/WebSphere/AppServer7/plugins/com.ibm.ws.security.crypto.jar) is not signed by a trusted signer Maven build fails while using JCE with “ The jurisdiction policy files are not signed by a trusted signer!” java.lang.SecurityException AWSCredentialsProvider Signer Information Does Not Match java.lang.SecurityException: Java.lang.securityException java.lang.SecurityException: signer information does not match signer information of other classes in the same package in PowerMock java.lang.SecurityException: signer information does not match signer information of other classes in the same package java.lang.SecurityException with reflection
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM