1880791 - java.lang.SecurityException:The provider IAIK may not be signed by a trusted party: AS Java fails to start | SAP Knowledge Base Article

SAP Knowledge Base Article - Preview

1880791 - java.lang.SecurityException:The provider IAIK may not be signed by a trusted party: AS Java fails to start

Symptom

  • The AS Java fails to start
  • The std_dispatcher.out (640-7.0x only), std_server<n>.out files from the instance work directory /usr/sap/<SID>/<InstanceID>/work show that the ConfigurationManager did not start:

Loading: LogManager ... 343 ms.
Loading: PoolManager ... 0 ms.
Loading: ApplicationThreadManager ... 62 ms.
Loading: ThreadManager ... 16 ms.
Loading: IpVerificationManager ... 15 ms.
Loading: ClassLoaderManager ... 0 ms.
Loading: ClusterManager ... 141 ms.
Loading: LockingManager ... 47 ms.
Loading: ConfigurationManager ...
Loading: ConfigurationManager returned false!
Kernel not loaded. System halted.

  • The dispatcher (640-7.0x only) and server defaultTrace files contain the following exceptions:

Error while connecting to DB.
=======================================================
com.sap.engine.frame.core.configuration.ConfigurationException: Error while connecting to DB.
 at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:119)
 at com.sap.engine.core.configuration.impl.persistence.rdbms.PersistenceHandler.<init>(PersistenceHandler.java:38)
  |
  | 
 at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:116)
 ... 14 more
Caused by: com.sap.security.core.server.secstorefs.NoEncryptionException: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm.
 at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1975)
 at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:802)
 at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
 at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
 ... 16 more
Caused by: java.lang.SecurityException: The provider IAIK may not be signed by a trusted party
 at javax.crypto.SunJCE_b.a(DashoA12275)
 at javax.crypto.Cipher.a(DashoA12275)
 at javax.crypto.Cipher.getInstance(DashoA12275)
 at com.sap.security.core.server.secstorefs.Crypt.<init>(Crypt.java:220)
 at com.sap.security.core.server.secstorefs.SecStoreFS.<init>(SecStoreFS.java:1346)
 at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
 ... 18 moreLoading: ConfigurationManager returned false!

Kernel not loaded. System halted.


Read more...

Environment

SAP NETWEAVER RELEASE INDEPENDENT

Product

SAP Composition Environment all versions ; SAP NetWeaver all versions

Keywords

applicatiion java.lang.SecurityException IAIK signed trusted party configuration manager , KBA , BC-JAS-SEC-CPG , Cryptography , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.