NoClassDefFoundError: BouncyCastleFipsProvider from EEM smreghost
search cancel

NoClassDefFoundError: BouncyCastleFipsProvider from EEM smreghost

book

Article ID: 367032

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Agents (SiteMinder)

Issue/Introduction


Running smreghost.bat command to register the SDK agent from EEM, the command fails and reports an error:

  C:\<installation_path>\EmbeddedEntitlementsManager\bin>"C:\<installation_path>\EmbeddedEntitlementsManager/jre/bin/java" -Dcom.ca.siteminder.sdk.agentapi.enableDebug="true" -classpath "C:\<installation_path>\EmbeddedEntitlementsManager/lib/jars/smagentapi.jar>";"<C:\<installation_path>\EmbeddedEntitlementsManager/lib/jars/smcrypto.jar>" com.ca.siteminder.sdk.agentapi.SmRegHost -i 10.0.0.1 -u <name> -hc <hco> -hn <name> -p <password>

  18:07:21.995 [main] SMERROR: SmServer, retryTimedoutConnections, Error retrying connection NO CONN Exception in thread "main" java.lang.NoClassDefFoundError: org/bouncycastle/jcajce/provider/BouncyCastleFipsProvider

          at com.ca.sso.smcrypto.provider.SmCryptoProviderFactory.getInstance(SmCryptoProviderFactory.java:37)
          at com.ca.sso.smcrypto.SmCryptoFacade.<clinit>(SmCryptoFacade.java:35)

  Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider

 

Resolution


Ensure that the .jars:

  smagentapi.jar;
  bc-fips-1.0.2.4.jar;
  fipsmode.jar;
  smcrypto.jar

are referenced in the Classpath to solve this issue.

This is from the latest SDK version 12.8SP8CR01:

smreghost.bat:

  @echo off

  [...omitted for brevity...]
  
  set SM_SMREGHOST_CLASSPATH=C:\<installation_path>\java\smagentapi.jar;C:\<installation_path>\java\bc-fips-1.0.2.4.jar;C:\<installation_path>\java\fipsmode.jar;C:\<installation_path>\java\smcrypto.jar

  set PATH=%JAVA_HOME%\bin;%PATH%

  java -classpath "%SM_SMREGHOST_CLASSPATH%" com.ca.siteminder.sdk.agentapi.SmRegHost %*

Bouncy Castle is a library managing the encryption (1).

FipsProvider is the class to manage the Federal Information Processing Standards (FIPS) type (2). With the Policy Server, the encryption might follow exactly the FIPS only standards, or allow more encryption algorithms.

 

Additional Information