Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
After an HP-UX 11i java upgrade to 8.0.21 or 7.0.32 the application may not start and display the following messages: For HP-UX 11i java 8.0.21: Exception in thread "main" java.lang.ExceptionInInitializerError at javax.crypto.JceSecurityManager.<clinit>(JceSecurityManager.java:65) at javax.crypto.Cipher.getConfiguredPermission(Cipher.java:2590) .... Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:93) ... 4 more Caused by: java.lang.SecurityException: The jurisdiction policy files are not signed by the expected signer! (Policy files are specific per major JDK release.Ensure the correct version is installed.) at javax.crypto.JarVerifier.verifyPolicySigned(JarVerifier.java:336) at javax.crypto.JceSecurity.loadPolicies(JceSecurity.java:378) at javax.crypto.JceSecurity.setupJurisdictionPolicies ( JceSecurity.java:323 ) at javax.crypto.JceSecurity.access$000(JceSecurity.java:50) at javax.crypto.JceSecurity$1.run(JceSecurity.java:85) at java.security.AccessController.doPrivileged(Native Method) at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:82) For HP-UX 11i java 7.0.32: Exception in thread "main" java.lang.ExceptionInInitializerError at javax.crypto.JceSecurityManager.<clinit>(JceSecurityManager.java:65) at javax.crypto.Cipher.getConfiguredPermission(Cipher.java:2559) .... Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:90) ... 4 more Caused by: java.lang.SecurityException: The jurisdiction policy files are not signed by the expected signer! (Policy files are specific per major JDK release.Ensure the correct version is installed.) at javax.crypto.JarVerifier.verifyPolicySigned(JarVerifier.java:336) at javax.crypto.JceSecurity.loadPolicies(JceSecurity.java:378) at javax.crypto.JceSecurity.setupJurisdictionPolicies ( JceSecurity.java:323 ) at javax.crypto.JceSecurity.access$000(JceSecurity.java:50) at javax.crypto.JceSecurity$1.run(JceSecurity.java:82) at java.security.AccessController.doPrivileged(Native Method) at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:80) This occurs because the /opt/java[78]/jre/lib/security/US_export_policy.jar /opt/java[78]/jre/lib/security/local_policy.jar are not removed after upgrading to HP-UX 11i java 7.0.22 (or later) and HP-UX 11i java 8.0.12 (or later), while new JCE infrastructure moved them to /opt/java[78]/jre/lib/security/policy/{limited|unlimited}, and /opt/java[78]/jre/lib/security/java.security doesn't have a crypto.policy defined by default. Refer to the following Release Notes for additional information: 7.0.32 Release Notes 8.0.22 Release Notes After HP-UX 11i java 7.0.32 or HP-UX 11i 8.0.21 policy files had been changed in /opt/java[78]/jre/lib/security/policy/{limited|unlimited}. The old /opt/java[78]/jre/lib/security/US_export_policy.jar and /opt/java[78]/jre/lib/security/local_policy.jar being not compatible with new version and used by default.
Any HPE Integrity running HPUX 11iv3 and upgrading to HP-UX 11i java 8.0.21 or HP-UX 11i java 7.0.32 .
Old policy files included in ${JAVA_HOME}/jre/lib/security/US_export_policy.jar and ${JAVA_HOME}/jre/lib/security/local_policy.jar must be removed when upgrading to. 7.0.23 (or later), or 8.0.12 (or later). Default policy applied will then be "unlimited" If retaining the limited policy is required due to application constraint or local regulation rules, crypto.policy property can be set to expected policy in the file ${JAVA_HOME}/jre/lib/security/java.security as documented in that file. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL: Proactive Updates Subscription Form. NAVIGATION TIP: For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to the Navigation Tips document. SEARCH TIP: For hints on locating similar documents on HPE.com, refer to the Search Tips document.