Expand my Community achievements bar.

SOLVED

JCE cannot authenticate the provider BC issue in AEM 6.5 with Java 11

Avatar

Level 2
Level 2
2/4/21 2:45:53 AM

We are using BouncyCastle for encryption. It was working fine in AEM 6.4 with Java 8. When we are doing the migration to AEM 6.5 with java 11, we are facing issues while using this library. We are getting following error: "JCE cannot authenticate the provider BC".

 

Can someone suggest the solution for this issue?

 

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

6.5

Views

7.9K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
2/5/21 9:07:43 PM

I have raised this case on Adobe support and they explained issue behind this issue. Solution provided them is also working.

 

Reason:

The BundleProtectionDomain has been updated since 6.4 and seems to be breaking in 6.5 because of the ProtectionDomain Code Source returning a different value. In 6.4 and below, it returns a jar input type in the CodeSource and location of:
jar:bundle://546.0:0/!/

Whereas in 6.5, although the Protection Domain is set the same (for the most part- [bcprov [583](R 583.0)]) as in 6.4 [bcprov [546](R 546.0)] - the CodeSource value returns the actual jar name and "bundle install method" which is not compliant with java URL: (inputstream:bcprov-jdk15to18-166.jar)

Solution:

1. Place the bouncycastle jar under crx-quickstart\launchpad\ext (you may have to create the directory)
2. Add the following to the sling.properties:
sling.bootdelegation.class.org.bouncycastle.jce.provider.BouncyCastleProvider=org.bouncycastle.*
sling.bootdelegation.class.com.rsa.jsafe.provider.JsafeJCE=com.rsa.*

 

This solution is working fine for me.

View solution in original post

Views

7.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Level 2
Level 2
2/5/21 9:07:43 PM

I have raised this case on Adobe support and they explained issue behind this issue. Solution provided them is also working.

 

Reason:

The BundleProtectionDomain has been updated since 6.4 and seems to be breaking in 6.5 because of the ProtectionDomain Code Source returning a different value. In 6.4 and below, it returns a jar input type in the CodeSource and location of:
jar:bundle://546.0:0/!/

Whereas in 6.5, although the Protection Domain is set the same (for the most part- [bcprov [583](R 583.0)]) as in 6.4 [bcprov [546](R 546.0)] - the CodeSource value returns the actual jar name and "bundle install method" which is not compliant with java URL: (inputstream:bcprov-jdk15to18-166.jar)

Solution:

1. Place the bouncycastle jar under crx-quickstart\launchpad\ext (you may have to create the directory)
2. Add the following to the sling.properties:
sling.bootdelegation.class.org.bouncycastle.jce.provider.BouncyCastleProvider=org.bouncycastle.*
sling.bootdelegation.class.com.rsa.jsafe.provider.JsafeJCE=com.rsa.*

 

This solution is working fine for me.

Views

7.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
AEM headless architecture Solved

Views

126

Likes

0

Replies

4
Issue with OSGi Bundle in Installed State After Adding Apache PDFBox to bnd-baseline-maven-plugin

Views

49

Likes

0

Replies

2
Need to show featured image alone in list component

Views

34

Likes

0

Replies

2
The dynamic table previews correctly in HTML, but when converted to PDF, the page is cut off.

Views

114

Likes

0

Replies

4
Adobe Client Data Layer compatibility with React + Core Components

Views

140

Likes

0

Replies

3