Troubleshooting
Problem
Inbound message fails decryption
Symptom
Inbound message fails decryption with event error BCG240417 "Decryption Failed".
The bcg_router.log shows the following "Illegal key size" error:
UOW= source=com.ibm.bcg.util.PKCS7Util class=com.ibm.bcg.util.PKCS7Uti method=decryptBytes org=IBM prod=BCG component=WPGCommon thread=ÝDefault : 2¨ com.ibm.security.pkcsutil.PKCSException: Content decryption error (java.security.InvalidKeyException: Illegal key
size) at com.ibm.security.pkcs7.EncryptedContentInfo.decrypt(Unknown Source)
Resolving The Problem
The incoming data is encrypted using algorithm AES-256, which requires unrestricted policy files update as follows:
1 - Download the java 142 unrestricted policy files from url: http://publib.boulder.ibm.com/infocenter/javasdk/v5r0/index.jsp?topic=%2Fcom.ibm.java.security.component.doc.50%2Findex.html
2 - Click on link "IBM SDK Policy files"
3 - Enter your credentials and then download the following package: "Unrestricted JCE Policy files for SDK for all newer versions - version 1.4.2+"
4 - Unzip the "unrestricted.zip" file, in a temp folder, which will produce 3 files: "Readme.txt", "US_export_policy.jar" and "local_policy.jar"
5 - Replace the 2 policy jar files in folder (make a backup of the current files first): <WAS_Installation_Directory>\java\jre\lib\security
6 - Restart WPG
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg21613778