Java安全性錯誤無法設置可信CA的證書Websphere 7

Question

我正在使用IBM Websphere 6 JRE來運行應用程序。我收到以下錯誤試圖生成私鑰

生成AES密鑰密鑰大小時：256

算法= 「AES」，字符集= 「utf-8」，chiper = 「AES/CBC/PKCS5Padding」，KEYLEN = 256;

Exception in thread "main" java.lang.ExceptionInInitializerError 
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:222) 
    at javax.crypto.KeyGenerator.a(Unknown Source) 
    at javax.crypto.KeyGenerator.<init>(Unknown Source) 
    at javax.crypto.KeyGenerator.getInstance(Unknown Source) 
    at com.hmsa.ebiz.encryption.Encryption.generateKey(Encryption.java:93) 
    at com.hmsa.ebiz.encryption.run.GenPrivKey.main(GenPrivKey.java:46) 
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs 
    at javax.crypto.b.<clinit>(Unknown Source) 
    at java.lang.J9VMInternals.initializeImpl(Native Method) 
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:200) 
    ... 5 more 
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers! 
    at javax.crypto.b.a(Unknown Source) 
    at javax.crypto.b.a(Unknown Source) 
    at javax.crypto.b.access$600(Unknown Source) 
    at javax.crypto.b$0.run(Unknown Source) 
    at java.security.AccessController.doPrivileged(AccessController.java:251) 
    ... 8 more 

Answer 1

應安裝無限強度文件來解決此問題。在我的情況下，也將Java版本升級到JDK 7。

解決加密問題的步驟。
1）安裝JDK 1.7。
2）對於Java Projectin eclipse，指向編譯器和運行時的正確JDK版本。 3）http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

4）從以上鍊接下載策略文件鏈接local_policy & US_export_policy。 5）將安全文件夾下的java主目錄中的策略文件替換爲：C：\ Program Files \ Java \ jdk1.7.0_79 \ jre \ lib \ security \和
6）C：\ Program Files \ Java \ jre7 \ lib \ security \
7）現在重新啓動websphere服務器並將兩個策略文件放在java項目的classpath中。 8）程序應該生成加密它的密鑰&。