I didn't want to wait for my IT department to patch the OS to test it out,
so I installed my own local copy of JRE and comment out pck11 from
java.security makeing it look like that:

#security.provider.1=sun.security.pkcs11.SunPKCS11
${java.home}/lib/security/sunpkcs11-solaris.cfg
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.8=sun.security.smartcardio.SunPCSC

Now when I run my code it was using

Signature: SHA1withRSA from SunRsaSign version 1.5
keyFactory: RSA from SunRsaSign version 1.5

and was working on all Solaris 10 regarless of their patch level!

 Hope this will help others
-Ofir

On Tue, Feb 16, 2010 at 1:57 PM, Ofir Oren <ofiro...@gmail.com> wrote:


>  I think I found what the issue is.
> It is related to Solaris 10 OS patch level (
> http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1), in
> the servers where the java 5 and 6 worked, the following files where
> patched.
>
> /etc/security/device_policy
> /etc/security/exec_attr
> ...
> /usr/lib/security/pkcs11_kernel.so.1
> /usr/lib/security/pkcs11_softtoken.so.1
> /usr/lib/security/pkcs11_softtoken_extra.so.1
> /usr/lib/security/sparcv9/pkcs11_kernel.so.1
> /usr/lib/security/sparcv9/pkcs11_softtoken.so.1
> /usr/lib/security/sparcv9/pkcs11_softtoken_extra.so.1
>
> Since my java application is using PKCS11 I'm guessing this is related. Now
> I need to patch the non-working servers to this level and see if it solve my
> issue.
>
> Thanks
> -Ofir
>
>
>
------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users

Reply via email to