Vantage StoragePoint™ Web Client task is getting various errors during startup, including 'java.lang.SecurityException: Cannot set up certs for trusted CAs'
search cancel

Vantage StoragePoint™ Web Client task is getting various errors during startup, including 'java.lang.SecurityException: Cannot set up certs for trusted CAs'

book

Article ID: 272324

calendar_today

Updated On:

Products

Vantage Storage Resource Manager

Issue/Introduction

After upgrading to z/OS 2.5 from z/OS 2.4, the Vantage StoragePoint™ Web Client STC fails during startup with messages such as the following: 

 

785 main ERROR c.c.v.g.s.l.VantageContextLoader:99 - Cannot create PoolableConnectionFactory (Failed to start dantgui/webclientdb/DefinitionDb' with class loader java.net.URLClassLoader@bb060d31, see the next exception for details.)

868 main ERROR c.c.v.g.s.s.VantageInitServlet:51 - Vantage StoragePoint™ Web Client started with errors.

And ...

SEVERE: Failed to initialize component UConnectorUHTTP/1.1-770~~ 
java.lang.ExceptionInInitializerError                            
.at java.lang.J9VMInternals.ensureError(J9VMInternals.java:157)  

And ...

SEVERE: Failed to initialize component UConnectorUHTTP/1.1-770~~               
java.lang.ExceptionInInitializerError                                          
.at java.lang.J9VMInternals.ensureError(J9VMInternals.java:157)                
.at java.lang.J9VMInternals.recordInitializationFailure(J9VMInternals.java:146)
.at javax.crypto.Cipher.getInstance(Unknown Source) 

And ...

Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs    
.at javax.crypto.b.<clinit>(Unknown Source)                                    
.... 41 more                                                                   
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!

Cause

The Java parameter 'crypto.policy=unlimited' needs to be activated (or defined) in the 'java.security' file for the Java Cryptography Extension (JCE) feature.

Resolution

The Java parameter 'crypto.policy=unlimited' needs to be activated (or added) in the 'java.security' file for the Java Cryptography Extension (JCE) feature.  

1) For Java 1.8.0_151 or later versions: 

In the file:

<jdk>/jre/lib/security/java.security

Uncomment or add the following statement:

crypto.policy=unlimited


2) For a Java version earlier than  1.8.0_151, install the correct JCE patch for your java version (contact IBM or Sun if needed, based upon the version of Java being used) 

Powered by Wolken Software