ProcedureTo configure a JCE Provider for J2SE 1.4

The Java Cryptography Extension (JCE) provider included with J2SE 1.4 does not support RSA encryption. Because the XML Encryption defined by WS-Security is typically based on RSA encryption, you must download and install a JCE provider that supports RSA encryption to use WS-Security to encrypt SOAP messages .

J2SE 5 includes a preconfigured JCE provider. With J2SE 1.4, add a JCE provider as follows:

  1. Download and install a JCE provider JAR (Java Archive) file from one of the list of http://java.sun.com/products/jce/jce14_providers.html.

  2. Copy the JCE provider JAR file to java-home/jre/lib/ext/.

  3. Stop Application Server.

    Application Server will not recognize the JCE provider until it is stopped and restarted.

  4. Add the JCE provider to the the java-home/jre/lib/security/java.security properties file in any text editor.

    The java.security file contains instructions to add a JCE provider. Basically, you need to add a line of the following format in a location with similar properties:

    security.provider.n=provider-class-name

    In this example, n is the order of preference to be used by Application Server when evaluating security providers. Set n to 2 for the JCE provider you've just added.

    For example, if you've downloaded The Legion of the Bouncy Castle JCE provider, you would add this line.

    security.provider.2=org.bouncycastle.jce.provider.
       BouncyCastleProvider

    Make sure that the Sun security provider remains at the highest preference, with a value of 1.

    security.provider.1=sun.security.provider.Sun

    Adjust the levels of the other security providers downward so that there is only one security provider at each level.

    The following is an example of a java.security file that provides the necessary JCE provider and keeps the existing providers in the correct locations.

    security.provider.1=sun.security.provider.Sun
    security.provider.2=org.bouncycastle.jce.provider.
       BouncyCastleProvider
    security.provider.3=com.sun.net.ssl.internal.ssl.Provider
    security.provider.4=com.sun.rsajca.Provider
    security.provider.5=com.sun.crypto.provider.SunJCE
    security.provider.6=sun.security.jgss.SunProvider

  5. Save and close the file.

  6. Restart Application Server.