Downloading an unrestricted policy file

Strongly encrypted certificates require you to download an unrestricted policy file for JCE

Due to export and import regulations, the default JCE jurisdiction policy file shipped with Installation Manager and Build Forge enables you to use strong, but limited, cryptography only. If you intend to use a certificate whose encryption exceeds the encryption strength approved for export, you need to download unrestricted JCE policy file and update the JVM for Installation Manager and Rational Build Forge.

If you encounter the following error during installation when you attempt to provide a certificate to use, it is likely that you need to update the JCE policy file.

Unable to verify this certificate, install without it then attempt to add it after install.
Attention: Build Forge upgrades that include updates to the Software Development Kit (SDK) might overwrite the policy file. In that case, re-apply the unrestricted policy file to the SDK after you upgrade.
Important: Your country of origin might have restrictions on the import, possession, use, or re-export to another country, of encryption software. Before downloading or using the unrestricted policy files, you must check the laws of your country, its regulations, and its policies concerning the import, possession, use, and re-export of encryption software, to determine if it is permitted.
  1. Download the unrestricted JCE policy files for the SDK for Version 1.4.2+.
  2. Unzip the files.
  3. Copy the unzipped file local_policy.jar to the appropriate Build Forge installation directory. Overwrite the existing file. Use the directory for your operating system.
    • Windows systems

      <bfinstall>\ibmjdk\jre\lib\security

    • UNIX and Linux systems

      <bfinstall>/Platform/ibmjdk/jre/lib/security

  4. To allow the certificate to be verified in future installations of Build Forge, update Instalation Manager. Copy the unzipped file local_policy.jar to the IBM JRE that is installed with Installation Manager. Overwrite the existing file.
    • Windows systems

      <IMinstall>\eclipse\jre_version\jre\lib\security

    • UNIX and Linux systems

    <IMinstall>/eclipse/jre_version/jre/lib/security


Feedback