AXSecurityException: Cannot initialize BouncyCastle provider in classpath

AXSecurityException: Cannot initialize BouncyCastle provider in classpath

book

Article ID: KB0071323

calendar_today

Updated On:

Products Versions
TIBCO Runtime Agent (TRA) 5.10.3, 5.11.x, 5.12.x

Description

Application reports security vendor initialization error like below:
<------------
ERROR com.tibco.security.impl.np.SecurityVendor - Cannot initialize security vendor
com.tibco.security.AXSecurityException: Cannot initialize BouncyCastle provider in classpath
    at com.tibco.security.impl.B.Object.o00000(SecurityVendor.java:314)
    at com.tibco.security.impl.B.Object.init(SecurityVendor.java:143)
    at com.tibco.security.impl.B.Object.init(SecurityVendor.java:88)...
Caused by: java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
    at com.tibco.security.impl.B.Object.o00000(SecurityVendor.java:297)
    ... 21 more
Caused by: java.lang.SecurityException: class "org.bouncycastle.crypto.CryptoServicesRegistrar"'s signer information does not match signer information of other classes in the same package
    at java.lang.ClassLoader.checkCerts(ClassLoader.java:891)
    at java.lang.ClassLoader.preDefineClass(ClassLoader.java:661)
    at java.lang.ClassLoader.defineClass(ClassLoader.java:754)
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
    at java.net.URLClassLoader.defineClass(URLClassLoader.java:468)
    at java.net.URLClassLoader.access$100(URLClassLoader.java:74)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:369)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:363)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:362)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:418)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:355)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:351)
    at org.bouncycastle.jcajce.provider.ProvSecureHash$MD5.configure(Unknown Source)
    at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
    at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
    ... 26 more
----->
This possibly is because using fips .jar file and non-fips jar file together. 

Environment

OS: All TIBCO Runtime Agent (TRA) 5.10.3, 5.11.2 or higher

Resolution

If BCFIPS is not needed, users can can disable loading of BCFIPS (bouncycastle fips jars) by appending below property to the instance's .tra file:
java.property.com.tibco.security.dontInstallBcfipsProvider=true

Issue/Introduction

AXSecurityException: Cannot initialize BouncyCastle provider in classpath
Powered by Wolken Software