How to avoid "java.security.InvalidKeyException:illegal Key Size" error when invoking secured services in WSO2 WSAS

"java.security.InvalidKeyException:illegal Key Size" error is a common issue which occurs when you try to invoke a secured web service in an environment where the provision for java unlimited security jurisdiction is not done.
This can be avoided by installing Java Cryptography Extension (JCE) unlimited strength jurisdiction policy files.

1. Suppose you are using jdk15. Go to http://java.sun.com/javase/downloads/index_jdk5.jsp

2. Go to the Other Downloads section and click on download link next to "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0"

3. Download jce_policy-1_5_0.zip and extract it in to a directory.

4. You will find local_policy.jar and US_export_policy.jar files there in the extracted directory. Copy these two files to $JAVA_HOME/jre/lib/security directory. (These files will already be there. you may replace them)

5. Restart WSO2 WSAS and invoke your secured service again. You will not encounter the "invalidkeyException" any more.

Comments

good and very helpful.. anyone using IBM (IBMJCE), you can find unrestricted policy file here.
https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=jcesdk
(you need to create an account if you don't have one)
Sahmeepee said…
Thanks Charitha, your post helped me fix a problem I had setting up Adito server to be published through ISA.

You saved me lots of time!
Anonymous said…
Thanks a lot for such a helpful article - this saved me from hours and hours of trying to figure out what was wrong with my setup
Anonymous said…
Perfect!!You are a outstanding person!Have you ever wore chaussures puma,Here are the most popular puma CAT,Puma shoes store gives some preview of puma speed cat,and casual but no sweat puma basket.
Puma sport
polo shirts
polo shirts
gillette razor blades
Queen--ugg boots
original polo clothing
gemjohny said…
Man, you are awesome !! took hell lot of time to figure this out.. there were already some files,once i replaced, it started working magically
Wow.. this is great post. This works for me. Thnx
kachakayala said…
Hi all I am using IBMJCEFIPS provider I am getting the java.security.InvalidKeyException, I updated unrestricted policy files also. Why it is showing the this problem I am not understanding.
Tomasz Dziurko said…
Thank you so much for this tip. You've saved my day! :) Best regards from Poland :)
Anonymous said…
Thanks for this solution. Regards from Mexico.
Unknown said…
Thanks ,
I resolved my issue :)
highTechFool said…
Thank you so much!! I've been trying to fix this problem for nearly a week. THANK YOU!
Unknown said…
Thank you very much for the post. I had the error illegal Key Size. I was spending already a lot of time analysing the cryptho classes of my JRE.
I followed your post, and I solved the problem.
I just changed the local_policy.jar of my jre installation with the one with the unlimited JCE policy.
After that ... It works!!!!!
Thanks a lot!!!!

Popular posts from this blog

Working with HTTP multipart requests in soapUI

Common mistakes to avoid in WSO2 ESB - 1 - "org.apache.axis2.AxisFault: The system cannot infer the transport information from the URL"

How to deploy JSR181 annotated class in Apache Axis2