A few days ago I had a little problem when I tried to deploy in WAS 6.0 (Websphere Application Serveur 6) an application including a PDF signature.
During the execution of the servlet’s signature, I had the following problem :

java.lang.Exception: java.lang.Exception:
Error in loading the keystore: Private key decryption error:
(java.lang.SecurityException: Unsupported keysize or algorithm parameters)


This error is caused by the JCE libraries used by the virtual java’s machine executing WAS. This JVM is the standard version and it had a limited support of cryptographie’s algorithme. To correct this you just have to substitute two jar files in teh configuration of the JVM IBM (local_policy.jar et US_export_policy.jar).
This files are in the index $JAVA_HOME/jre/lib/security (for exemple /usr/lib/jvm/jre-ibm/lib/security or /opt/IBM/WebSphere/AppServer/java/jre/lib/security).
You can download this non limited librairies (file

When the file is download you had to:

  • Decompress the downloaded file
  • Verify that this file contains local_policy.jar et US_export_policy.jar
  • Stop Websphere
  • Save the old files
  • Substitute the two files
  • Take off again WAS
Be Sociable, Share!