I am using tomcat4.1.3 with j2sdk1.4.1_01. I am implementing IBM security for database and Sun Security for SSL. Database connection works fine if I use IBM jar files without configuiring my application for SSL. But if I configure SSL and leave those IBM jar files (which I need otherwise I get encryption/decryption error on database connection)I get the following error on tomcat startup:
Export restriction: SunJSSE only
However, if I don't include the IBM jar files mentioned below, tomcat starts up fine and ssl works.
Following are the configuration for ssl and database security..
C:\j2sdk1.4.1_01\jre\lib\ext folder contains
dnsns.jar, ibmjcefw.jar, ibmjceprovider.jar, ibmjsse.jar, ibmpkcs.jar, jcert.jar, jnet.jar, jsse.jar, ldapsec.jar, local_policy.jar, localedat.jar, sunjce_provider.jar, US_export_policy.jar
Following are the list of providers in C:\j2sdk1.4.1_01\jre\lib\security folder:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=com.ibm.jsse.JSSEProvider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=com.sun.net.ssl.internal.ssl.Provider
security.provider.6=com.sun.rsajca.Provider
security.provider.7=sun.security.jgss.SunProvider
Following is the entry in server.xml (for ssl):
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="80" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="443"
acceptCount="100" debug="0" connectionTimeout="20000"
useURIValidationHack="false" disableUploadTimeout="true" />
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="100" debug="0" scheme="https" secure="true"
useURIValidationHack="false" disableUploadTimeout="true">
<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
clientAuth="false" protocol="TLS"
keystoreFile="c:\j2sdk1.4.1_01\keystore\.keystore"
keystorePass="mypassword" />
</Connector>
Any insight on this is heartly appreciated......
Export restriction: SunJSSE only
However, if I don't include the IBM jar files mentioned below, tomcat starts up fine and ssl works.
Following are the configuration for ssl and database security..
C:\j2sdk1.4.1_01\jre\lib\ext folder contains
dnsns.jar, ibmjcefw.jar, ibmjceprovider.jar, ibmjsse.jar, ibmpkcs.jar, jcert.jar, jnet.jar, jsse.jar, ldapsec.jar, local_policy.jar, localedat.jar, sunjce_provider.jar, US_export_policy.jar
Following are the list of providers in C:\j2sdk1.4.1_01\jre\lib\security folder:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=com.ibm.jsse.JSSEProvider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=com.sun.net.ssl.internal.ssl.Provider
security.provider.6=com.sun.rsajca.Provider
security.provider.7=sun.security.jgss.SunProvider
Following is the entry in server.xml (for ssl):
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="80" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="443"
acceptCount="100" debug="0" connectionTimeout="20000"
useURIValidationHack="false" disableUploadTimeout="true" />
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="443" minProcessors="5" maxProcessors="75"
enableLookups="true"
acceptCount="100" debug="0" scheme="https" secure="true"
useURIValidationHack="false" disableUploadTimeout="true">
<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
clientAuth="false" protocol="TLS"
keystoreFile="c:\j2sdk1.4.1_01\keystore\.keystore"
keystorePass="mypassword" />
</Connector>
Any insight on this is heartly appreciated......