JCE Unlimited Strength policy files are two files distributed by Oracle (this is for jdk8: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) that must be installed inside your JDK/jre/lib/security path if you want to unlock high strength cryptographic security for you java environment.
You need it for sure in a server environment outside USA.
If you don’t have this stuff installed, your jboss, tomcat, or any other server or client with a keylength higher than 1024 will not work.
To enable JCE Unlimited Strength you simply need to unzip the file downloaded from Oracle and copy US_export_policy.jar and local_policy.jar files in <JDK>/jre/lib/security.
You can check if JCE is unlimited using this command:
jrunscript -e ‘exit (javax.crypto.Cipher.getMaxAllowedKeyLength(“RC5”) >= 256);’; if [ $? -eq 1 ]; then echo “JCE Unlimited OK”; else echo “JCE NOT Unlimited”; fi
The jrunsctipt command is installed inside your JDK/bin path.
Addresses are all on the same line!
Lascia un commento