The Java™ Cryptography
Extension (JCE) policy is integrated into the IBM® Software Development Kit (SDK) Version 1.4.x and
is no longer an optional package. However, due to export and import
regulations, the default JCE jurisdiction policy file shipped with
the SDK enables you to use strong, but limited, cryptography only.
About this task
To enforce this default policy, WebSphere® Application Server uses a JCE
jurisdiction policy file that might introduce a performance impact.
The default JCE jurisdiction policy might have a performance impact
on the cryptographic functions that are supported by Web Services
Security. If you have web services applications that use transport
level security for XML encryption or digital signatures, you might
encounter performance degradation over previous releases of WebSphere Application Server.
However, IBM and Sun Microsystems
provide versions of these jurisdiction policy files that do not have
restrictions on cryptographic strengths. If you are permitted by your
governmental import and export regulations, download one of these
jurisdiction policy files. After downloading one of these files, the
performance of JCE and Web Services Security might improve.
![[AIX Solaris HP-UX Linux Windows]](../images/dist.gif)
![[IBM i]](../images/iseries.gif)
Procedure
![[AIX]](../images/aixlogo.gif)
![[Linux]](../images/linux.gif)
For WebSphere Application Server platforms
using IBM Developer Kit, Java Technology Edition, Version
1.4.2, including the AIX®, Linux, and Windows platforms, you can obtain unlimited
jurisdiction policy files by completing the following steps: - Go to the following website: http://www.ibm.com/developerworks/java/jdk/security/index.html.
- Click Java 1.4.2.
- Click IBM SDK Policy files. The Unrestricted JCE Policy files for SDK 1.4 website is displayed.
- Enter your user ID and password or register with IBM to download the policy files. The policy files are downloaded onto your machine.
![[Solaris]](../images/solaris.gif)
For WebSphere Application Server platforms
using the Sun-based Java SE
Development Kit 6 (JDK 6) Version 1.4.2, including the Solaris environments
and the HP-UX platform, you can obtain unlimited jurisdiction policy
files by completing the following steps: - Go to the following website: http://java.sun.com/j2se/1.4.2/download.html.
- Click Other Downloads.
- Locate the JCE Unlimited Strength Jurisdiction Policy
Files 1.4.2 information and click Download. The policy files are downloaded onto your machine.
For IBM i and IBM Software
Development Kit Version 1.4, the tuning of Web Services Security is
not required. The unrestricted jurisdiction policy files for IBM Software Development Kit Version
1.4 are automatically configured when the prerequisite software is
installed. - For IBM i (formerly
known as IBM i V5R3), the unrestricted
jurisdiction policy files for IBM Software
Development Kit Version 1.4 are automatically configured by installing
product 5722AC3, Crypto Access Provider 128-bit.
- For IBM i 5.4,
the unrestricted jurisdiction policy files for IBM Software Development Kit Version 1.4 are
automatically configured by installing product 5722SS1 Option 3, Extended
Base Directory Support.