Strongly encrypted certificates require you to download
an unrestricted policy file for JCE
Due to export and import regulations, the default JCE jurisdiction
policy file shipped with Installation Manager and Build Forge enables
you to use strong, but limited, cryptography only. If you intend to
use a certificate whose encryption exceeds the encryption strength
approved for export, you need to download unrestricted JCE policy
file and update the JVM for Installation Manager and Rational Build
Forge.
If you encounter the following error during installation when you
attempt to provide a certificate to use, it is likely that you need
to update the JCE policy file.
Unable to verify this certificate, install without it then attempt to add it after install.
Attention: Build Forge upgrades that include updates to
the Software Development Kit (SDK) might overwrite the policy file.
In that case, re-apply the unrestricted policy file to the SDK after
you upgrade.
Important: Your country of origin might have restrictions
on the import, possession, use, or re-export to another country, of
encryption software. Before downloading or using the unrestricted
policy files, you must check the laws of your country, its regulations,
and its policies concerning the import, possession, use, and re-export
of encryption software, to determine if it is permitted.
- Download the unrestricted JCE policy files for the SDK
for Version 1.4.2+.
- Unzip the files.
- Copy the unzipped file local_policy.jar to the
appropriate Build Forge installation directory. Overwrite the existing
file. Use the directory for your operating system.
- To allow the certificate to be verified in future installations
of Build Forge, update Instalation Manager. Copy the unzipped file local_policy.jar to
the IBM JRE that is installed with Installation Manager. Overwrite
the existing file.
<IMinstall>/eclipse/jre_version/jre/lib/security