How to add the bouncy castle security provider to Java
Certified

How to add the bouncy castle security provider to Java
Certified

  
Hello,

If you're seeing this error (or something similar) when accessing an OutSystems Platform Java server, this post will help you configure your server in a way that eliminates this problem. This affects modern browsers ( Chrome 45+, Firefox 40+) and is likely to be enforced in other browsers (IE, for example).



Instructions:

On the server, as root execute:
1)

# source /etc/sysconfig/outsystems

2)

Edit the $JAVA_HOME/jre/lib/security/java.security file with your favorite editor (I use vim), and add the following line following the other similar lines:

security.provider.9=org.bouncycastle.jce.provider.BouncyCastleProvider

3)
 
# cp /opt/outsystems/platform/lib/bcprov-jdk16-146.jar $JAVA_HOME/jre/lib/ext/
# chmod 644 $JAVA_HOME/jre/lib/ext/bcprov-jdk16-146.jar

4) restart jboss

# service jboss-outsystems restart



This will add Bouncy Castle as a cryptographic provider and allow stronger key sizes to be used. This prevents the error we mentioned.

Best regards,
Ricardo Silva
Hi,
 
I don't found lib directory and jar file. 
My Outsystems plataform version is 5.0 and Jboss is 5.1.  
 
Do you confirm path of step 3?
 
Tks,
Miguel

These instructions were made for the currently supported versions of the OutSystems Platform ( 8.0 and 9.0 ).

Version 5.0 didn't include the bouncy castle library. However, you can download the latest bouncy castle release for Java 1.6 from their website and substitute it in step 3.