问题
In working on a different problem (related to RMI), I upgraded the system's "security folder" with the "unlimited strength" policy files and now my applicaiton fails in a different way. I get a long stack dump, of which following bits appear pertinent:
Exception in thread "main" java.lang.ExceptionInInitializerError
[...crop...]
Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism
at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:86)
... 17 more
Caused by: java.lang.SecurityException: The jurisdiction policy files are not signed by a trusted signer!
[...crop...]
Um, WTF? The ONLY change was that I moved the orignal jar files aside and added the unlimited ones in $JAVA_HOME/lib/security. That directory now looks like this:
$ ls
blacklist javaws.policy trusted.libraries
cacerts local_policy.jar US_export_policy.jar
java.policy local_policy.jar.strong US_export_policy.jar.strong
java.security local_policy.jar.unlimited US_export_policy.jar.unlimited
Of course, the .strong and .unlimited version are there so I can switch back quickly.
The directions were short and plain, and it would appear that they ONLY envision the replacement of these two files (local_policy.jar and US_exportpolicy.jar).
What else is there to do?
Note that the versions of java and the policy files are the very youngest to date: 1.7.0_03, and jce_policy-6, respectively.
P.S. The article of similar title, found here, was of no help at all.
回答1:
Rather than mixing runtime and policy file versions, you should use the policy files for Java 7.
回答2:
This happens when Java version does not match with the version of policy files. You can download the relevant policy files from following links.
Policy jars for Java 8
Policy jars for Java 7
Policy jars for Java 6
回答3:
This could happen if there are standard policy jar files somewhere in the classpath. I suggest to find and replace all the local_policy.jar and us_export_policy.jar files with the unrestricted versions of these jars in your machine. If you are using IBM's WAS/Portal Server/RAD, here is the link to the unrestricted JCE policy jars.
回答4:
Its possible that you have different versions of the JDK. For example if your JAVA_HOME points to version 7, but in your path version 6 shows up before version 7, this error could pop up.
来源:https://stackoverflow.com/questions/9745193/java-lang-securityexception-the-jurisdiction-policy-files-are-not-signed-by-a-t