Resolving Bouncy Castle Errors
After a WebSphere fix pack, or an update of some kind, you might see a 500 server error that indicates a Bouncy Castle jar mismatch.
To verify that your issue is related to Bouncy Castle, you can check the ssoconfig/SSOCfgInfoServlet web page to see if the XML will render. If you see a similar error below, check the ios.log. The “NoSuchProviderException: No such provider: BC” indicates that the Bouncy Castle jar files need to be updated.
| [10/15/20 9:06:31:448 CDT] 000000ef SystemErr R com.lawson.lawsec.authen.LSFSecurityAuthenException:Message:java.security.NoSuchProviderException: No such provider: BC
Stack Trace : java.security.NoSuchProviderException: No such provider: BC at javax.crypto.Cipher.getInstance(Unknown Source) at com.lawson.lawsec.authen.AuthenDat.decryptData(AuthenDat.java:2619) at com.lawson.lawsec.authen.AuthenDat.getRMPrivUserPass(AuthenDat.java:521) at com.lawson.lawsec.authen.LawsonAuthentication.getJNDIProps(LawsonAuthentication.java:1087) at com.lawson.lawsec.authen.LawsonAuthentication.getInitialDirContext(LawsonAuthentication.java:1045) at com.lawson.lawsec.authen.LawsonAuthentication.getInitialDirContext(LawsonAuthentication.java:1033) at com.lawson.lawrm.rmMetaMgr.RMContext.getDirContext(RMContext.java:464) at com.lawson.lawrm.rmMetaMgr.RMContext.getRMMetaDataManager(RMContext.java:798) at com.lawson.lawrm.rmMetaMgr.RMContext.InitContext(RMContext.java:282) at com.lawson.lawrm.rmMetaMgr.RMContext.<init>(RMContext.java:162) at com.lawson.lawrm.rmMetaMgr.RMContext.<init>(RMContext.java:126) at com.lawson.lawrm.rmMetaMgr.RMContext.getInitialContext(RMContext.java:208) at com.lawson.lawrm.rmMetaMgr.RMContext.borrowRMContext(RMContext.java:303) at com.lawson.lawsec.authen.LawsonService.<init>(LawsonService.java:152) at com.lawson.lawsec.authen.LawsonSecurityXRefImpl.getServiceForName(LawsonSecurityXRefImpl.java:365) at com.lawson.lawsec.authen.LawsonSSODomainManagerImpl.getDefaultPrimaryService(LawsonSSODomainManagerImpl.java:320) at com.lawson.security.vulmit.VulnerabilityMitigation.getDefaultPrimaryService(VulnerabilityMitigation.java:193) at com.lawson.security.vulmit.VulnerabilityMitigation.getStringServiceProperty(VulnerabilityMitigation.java:203) at com.lawson.security.vulmit.VulnerabilityMitigation.configureAntiCsrf(VulnerabilityMitigation.java:173) … |
To update the jar files, navigate to WAS_HOME/java/bin and run the command “java -jar %GENDIR%/java/thirdparty/bcinstall.jar”. This will automatically check the validity of your Bouncy Castle jar file and update if needed.
| D:\IBM\WebSphere\AppServer\java\bin>.\java -jar %GENDIR%\java\thirdParty\bcinstall.jar
Testing for provider … FAIL: No such provider: BC Installing provider Installing bcprov-jdk16-145.jar transferring …….done Adding java.security entry Adding org.bouncycastle.jce.provider.BouncyCastleProvider to java.security file backing up ………………………………………………..done D:\IBM\WebSphere\AppServer\java\jre\lib\security\java.security backed up to D:\IBM\WebSphere\AppServer\java\jre\lib\security\java.se curity1901856172194836655.bak placing new properties ………………………………………….done Testing for strong encryption policy … PASS. ..done backup D:\IBM\WebSphere\AppServer\java\jre\lib\security\policy\unlimited\local_policy.jar to D:\IBM\WebSphere\AppServer\java\jre\lib \security\policy\unlimited\local_policy.jar78069013951101779.bak ..done copied D:\IBM\WebSphere\AppServer\java\jre\lib\security\policy\unlimited\US_export_policy.jar to D:\IBM\WebSphere\AppServer\java\jre \lib\security\policy\unlimited\local_policy.jar Verifying provider … PASS. Verifying policy … PASS. Summary : Provider installed successfully Policy installed successfully Crypto policy set |
