The Java Cryptography Extension (JCE) is integrated into
the software development kit (SDK) Version 1.4.x and is no
longer an optional package. However, the default JCE jurisdiction
policy file shipped with the SDK enables you to use cryptography to
enforce this default policy.
About this task
Due to export and import regulations, the default JCE
jurisdiction policy file shipped with the SDK enables you to use strong,
but limited, cryptography only. To enforce this default policy, WebSphere
Application Server uses a JCE jurisdiction policy file that might
introduce a performance impact. The default JCE jurisdiction policy
might have a performance impact on the cryptographic functions that
are supported by Web services security. If you have Web services applications
that use transport level security for XML encryption or digital signatures,
you might encounter performance degradation over previous releases
of WebSphere Application Server. However, IBM and Sun Microsystems
provide versions of these jurisdiction policy files that do not have
restrictions on cryptographic strengths. If you are permitted by your
governmental import and export regulations, download one of these
jurisdiction policy files. After downloading one of these files, the
performance of JCE and Web services security might improve.
Attention: Fix packs that include updates to the Software Development
Kit (SDK) might overwrite unrestricted policy files. Back up unrestricted
policy files before you apply a fix pack and reapply these files after
the fix pack is applied.
Important: Your country of origin
might have restrictions on the import, possession, use, or re-export
to another country, of encryption software. Before downloading or
using the unrestricted policy files, you must check the laws of your
country, its regulations, and its policies concerning the import,
possession, use, and re-export of encryption software, to determine
if it is permitted.
![[Windows]](../../windows.gif)
For WebSphere
Application Server platforms using IBM Developer Kit, Java Technology
Edition Version 1.4.2, including the AIX, Linux, and Windows platforms,
you can obtain unlimited jurisdiction policy files by completing the
following steps:
- Go to the following Web site: http://www.ibm.com/developerworks/java/jdk/security/index.html
- Click Java 1.4.2
- Click IBM SDK Policy files.
The Unrestricted JCE Policy
files for SDK 1.4 Web site is displayed.
- Enter your user ID and password or register with IBM to download
the policy files. The policy files are downloaded onto your machine.
![[HP-UX]](../../hpux.gif)
For WebSphere Application Server platforms using the
Sun-based Java Development Kit (JDK) Version 1.4.2, including the
Solaris environments and the HP-UX platform, you can obtain unlimited
jurisdiction policy files by completing the following steps:
- Go to the following Web site: http://java.sun.com/j2se/1.4.2/download.html
- Click Other Downloads.
- Locate the Java Cryptography Extension (JCE) Unlimited Strength
Jurisdiction Policy Files 1.4.2 information and click Download.
The policy files are downloaded onto your machine.