Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.Cipher.getInstance(Cipher.java:657) at javax.crypto.Cipher.getInstance(Cipher.java:596) at org.bouncycastle.jcajce.NamedJcaJceHelper.createCipher(Unknown Source) at org.bouncycastle.openpgp.operator.jcajce.OperatorHelper.createCipher(Unknown Source) at org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder$1.recoverKeyData(Unknown Source) ... 13 more Caused by: java.util.jar.JarException: file:/hadoop/yarn/local/usercache/hdfs/appcache/application_1448909148534_0008/filecache/11/job.jar/job.jar has unsigned entries - com/google/common/annotations/Beta.class at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:464) at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322) at javax.crypto.JarVerifier.verify(JarVerifier.java:250) at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:160) at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:186) at javax.crypto.Cipher.getInstance(Cipher.java:653) ... 17 more |
http://stackoverflow.com/questions/9534512/bouncycastle-jboss-as7-jce-cannot-authenticate-the-provider-bc
But if You change server from JBoss to other (for example Glassfish) You have the same problem.
The better solition for me are changes in jdk.
You shoud add Bouncy Castle to security providers on Your java platform in two steps:
1. Copy BC librarys (currently bcpkix-jdk15on-149.jar, bcprov-jdk15on-149.jar) to directory $JAVA_HOME/jre/lib/ext/
2. Register BC provider: edit file $JAVA_HOME/jre/lib/security/java.security and under line
security.provider.1=sun.security.provider.Sun
add Your BC provider
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
Change numbers of rest providers. The whole block of providers should be similar to:
security.provider.1=sun.security.provider.Sun security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider security.provider.3=sun.security.rsa.SunRsaSign security.provider.4=sun.security.ec.SunEC security.provider.5=com.sun.net.ssl.internal.ssl.Provider security.provider.6=com.sun.crypto.provider.SunJCE security.provider.7=sun.security.jgss.SunProvider security.provider.8=com.sun.security.sasl.Provider security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.10=sun.security.smartcardio.SunPCSC
Sorry, You don’t need change providers. Just add under SunPCSC provider next number of providers such as:
security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider
BC provider does not have to be the second. Might be the last. – Krzysztof Szewczyk Jul 5 ’13 at 10:08
Thanks. It works for me. – Phat H. VU Jun 10 ’14 at 10:26
and in accession capital to say that I acquire in fact enjoyed account your blog posts.
Any way I will be subscribing to your augment and even I
achievement you access constantly rapidly.
similar one and i was just wondering if you get a lot of spam responses?
If so how do you prevent it, any plugin or anything you can recommend?
I get so much lately it’s driving me insane so any assistance is very much
appreciated.