This discussion is archived
9 Replies Latest reply: Mar 15, 2005 1:31 PM by 425612 RSS

problem of   jce  with oracle9 jvm

24216 Newbie
Currently Being Moderated
i have loaded my java class which use the Sun JCE 1.2.2 to Oracle9i,
but it can be run.
the exception is:

java.lang.ExceptionInInitializerError:
java.lang.SecurityException: Cannot set up certs for trusted CAs: java.net.MalformedURLException: no protocol: US_export_policy.jar
at javax.crypto.SunJCE_b.<clinit>(DashoA6275)
at javax.crypto.Cipher.a(DashoA6275)
at javax.crypto.Cipher.getInstance(DashoA6275)

can u help me?
  • 1. Re: problem of   jce  with oracle9 jvm
    Avi Abrami Oracle ACE
    Currently Being Moderated
    21213,
    Oracle 9i embedded JVM is compatible with version java version 1.3, so I think you need to use a version of JCE which is compatible with java 1.3, no?

    Good Luck,
    Avi.
  • 2. Re: problem of   jce  with oracle9 jvm
    24216 Newbie
    Currently Being Moderated
    Hi Avi

    Thank you for your advice

    On the site of JCE 1.2.2 (java.sun.com) has a message about JCE1.2.2 that is " JCE 1.2.2 is an older release that can be installed as an optional package to the Java 2 SDK, versions 1.2.x and 1.3.x.#

    so i think the problem maybe the oracle9i cann't support with JCE Based Java Stored Procedure now.

    I also load the JCE java file to the DB.
    jce1_2_2.jar
    sunjce_provider.jar
    local_policy.jar
    US_export_policy.jar

    I 'll try to test jce 1.2.1.


    Regards
    --David Du
  • 3. Re: problem of   jce  with oracle9 jvm
    24216 Newbie
    Currently Being Moderated
    Hi Avi

    I also did a test with JCE 1.2.1 ,thye error same as JCE1.2.2.

    *** 2005-01-17 15:09:03.000
    *** SESSION ID:(9.748) 2005-01-17 15:09:03.000
    java.lang.ExceptionInInitializerError:
    java.lang.SecurityException: Cannot set up certs for trusted CAs
    at javax.crypto.b.<clinit>([DashoPro-V1.2-120198])
    at javax.crypto.Cipher.getInstance([DashoPro-V1.2-120198])
    at my.MyCrypt.<init>(MyCrypt.java:62)
  • 4. Re: problem of   jce  with oracle9 jvm
    428006 Newbie
    Currently Being Moderated
    Hi,
    you may try to add CA certificate to cacerts file in lib/security in one of Oracle's JAVA_HOME.

    Use keytool. That may help, please tell me when You succeed.
  • 5. Re: problem of   jce  with oracle9 jvm
    437232 Newbie
    Currently Being Moderated
    I have a similar problem. I am trying to execute an HTTP post to a server protected by NTLM authentication from oracle 9i. I am using the Jakarta commons HTTP client (2.0.2) and the JCE 1.2.2. I had tested this outside Oracle with a sun jre 1.3.1_15 with no problems. When I execute my post it seems to be missing a class:

    java.lang.NoClassDefFoundError
    at javax.crypto.Cipher.a(DashoA6275)
    at javax.crypto.Cipher.getInstance(DashoA6275)
    at org.apache.commons.httpclient.NTLM.getCipher(NTLM.java:119)
    at org.apache.commons.httpclient.NTLM.encrypt(NTLM.java:170)
    ...

    Does anyone have any ideas?

    thanks in advance.
    d.
  • 6. Re: problem of   jce  with oracle9 jvm
    Avi Abrami Oracle ACE
    Currently Being Moderated
    People,
    Please excuse me, but I am unfamiliar with JCE. However, I believe that the OracleJVM that comes with the Oracle 9i database is fully compliant with SUN's JDK version 1.3. Therefore, I imagine that the OracleJVM should support JCE. Unfortunately, there's not much more I can offer.

    As Maciej mentioned, there is a "jdk/jre/lib/security/cacerts" subdirectory (under the "ORACLE_HOME" directory) -- but I don't know what you are meant to do with it.

    Sorry I can't be any more help.

    Good Luck,
    Avi.
  • 7. Re: problem of   jce  with oracle9 jvm
    437232 Newbie
    Currently Being Moderated
    It may be the cacerts file is not appropriate (I am no expert in JCE either), but I note that when I ran my application in the external sun JDK I did not have to add certificates (the JCE is used to create NTLM authentication credentials and I provide all the required information in the program code). Also, the cacerts file under my sun jre 1.3 seems to be very similar to the one stored under my oracle home (but they are not identifical to a binary diff).

    I think that this is more likely a resource load problem, as the JCE has a plugable provider interface and is likely to make heavy use loading class files and other resources by name.

    I don't really have time to investigate this further. I can work around the problem by using a different authentication scheme in my application. However, since the JCE is part of the Java 1.4 specification and this spec is used, I believe, in the Oracle 10g release and I will likely have an chance to look at running my code in 10g in the next few weeks, I will post a quick note to say if the same code works there or not.

    cheers,

    d.
  • 8. Re: problem of   jce  with oracle9 jvm
    82532 Newbie
    Currently Being Moderated
    It most likely will. I have deployed a number of JCE applications into 10g without any problems.
  • 9. Re: problem of   jce  with oracle9 jvm
    425612 Newbie
    Currently Being Moderated
    To use the javax.crypto.* within my Java Stored Procedure on Oracle 9i, I had to load the jce1_2_2.jar as a resource, using the loadjava utility.

    I am using DESede encryption type to encrypt/decrypt data on database, and therefore am using the Sun Provider. I also had to use loadjava to load the sunjce_provider.jar as a resource before I was able to compile my Java SP.

    Hope this helps.
    Steve