1 Reply Latest reply on Feb 20, 2014 3:28 PM by mistermaikcr

    JSafe JCE 6 and WebSphere 7




      We are having a problem with the security provider JSafe JCE running on WebSphere 7.

      The administrator of Coldfusion 10 does not run after setting the password.


      We had remove the security provider at runtime using these lines of code:

      <cfset objSecurity = createObject("java", "java.security.Security") />   

      <cfset objSecurity.removeProvider('JsafeJCE')>


      After this everything starts working again in the application. However, the Web Sphere Application server is having troubles with it as well.

      When I go to the Troubleshooting section of WebSphere, and hit the option to see the Class Loader Viewer, the page is not able to show results and it freezes.


      IBM support ask this:

                If certs are trusted by JSSE2This error usually occurs when the provider used to parse the cert in the jar to be verified and that used to parse the hardcoded certs are different. 

      Also check if they are adding third party providers programatically or having third party jar files present in classpath or bundled with some application.


      I think the problem with the security provider is related to an update of the java virtual machine, because after that it is not working.

      This is the Java Version:   java full version "JRE 1.6.0 IBM AIX build pap6460sr15ifx-20131203_01 (SR15)"


      Can someone help me to get an answer?

      besides the security providers of Coldfusion 10, we are not adding anything else that requires certificates or security; just standart cfm or cfc files.


      Edit 1:

      I had found the JSafeJCE jar is cryptojce.jar.

      It might have something wrong with the certificate and the latest java releases.


      Edit 2:

      the command Jarsigner –verify cryptojse.jar

      returns this warning:

      This jar contains entries whose certificate chain is not validated.


      Also runinng the verbose option I got a lot of this messages:

      [CertPath not validated: Path does not chain with any of the trust anchors]