when we put both bcprov-ext-jdk15to18-170.jar and bcprov-jdk15to18-170.jar into lib folder, we got another error message (java.lang.LinkageException as I remember). We threw bcprov-jdk15to18-170.jar and the flow worked well.
Original Message:
Sent: Fri April 01, 2022 10:53 AM
From: Juan Reforme
Subject: How to use PGP encryption on IBM ACE v12
HI all
The error from ACE12 is:
<com.ibm.broker.plugin.MbRecoverableException class:JNI method:ImbOutputTemplateNode::processMessageAssemblyToFailure source:BIPmsgs key:2230 >
The Libs I am using is from Matt's version:
bcpg-jdk15to18-170.jar
bcprov-ext-jdk15to18-170.jar
bcprov-jdk15to18-170.jar
com.ibm.broker.supportpac.PGP.jar
The path where I set the libs are:
C:\Program Files\IBM\ACE\12.0.3.0\server\jplugin
C:\Users\user\IBM\ACET12\workspace\Configuration\PGP\Server
C:\PGP\pgpkeytool11
C:\ProgramData\IBM\MQSI\shared-classes
Java Version on ACE12 Console
C:\Program Files\IBM\ACE\12.0.3.0>java -version
java version "1.8.0_301"
Java version on Windows Command Prompt
C:\Users\user>java -version
java version "17.0.2" 2022-01-18 LTS
Java(TM) SE Runtime Environment (build 17.0.2+8-LTS-86)
Java HotSpot(TM) 64-Bit Server VM (build 17.0.2+8-LTS-86, mixed mode, sharing)
I don't know how to change the Java version on the ACE12 Console.
Also these error comes if I try to use the "java pgpkeytool encrypt" script:
C:\Program Files\IBM\ACE\12.0.3.0>java pgpkeytool encrypt -sr C:/PGP/KeyRepository/Recipient/private.pgp -pr C:/PGP/KeyRepository/Recipient/public.pgp -r "sender@gmail.com" -c AES_256 -z ZIP -o true -i true C:/PGP/Data/Example-1/mqsibackout/test.txt
Exception in thread "main" java.lang.NoClassDefFoundError: org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator
at com.ibm.broker.supportpac.pgp.PGPEnvironment.initialize(PGPEnvironment.java:67)
at com.ibm.broker.supportpac.pgp.PGPCommandLineEncrypter.execute(PGPCommandLineEncrypter.java:121)
at pgpkeytool.main(pgpkeytool.java:76)
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator
at java.net.URLClassLoader.findClass(URLClassLoader.java:610)
at java.lang.ClassLoader.loadClassHelper(ClassLoader.java:945)
at java.lang.ClassLoader.loadClass(ClassLoader.java:890)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349)
at java.lang.ClassLoader.loadClass(ClassLoader.java:873)
... 3 more
Not sure what I am missing...
Thank you!
------------------------------
Juan Reforme
Original Message:
Sent: Fri April 01, 2022 09:16 AM
From: Matthias Blomme
Subject: How to use PGP encryption on IBM ACE v12
Hi Elizabeth
Are you using the default policy project? If not have you specified the policy project?
------------------------------
Regards
Matthias Blomme
Original Message:
Sent: Thu March 31, 2022 04:40 PM
From: Elizabeth Zarate
Subject: How to use PGP encryption on IBM ACE v12
Hi Mattias.
We are using your version and followed the readme about the Policies.
Create the policy and deploy.
But appear this message:
Unable to resolve message: Source: Message Encryption Failed!Key: PGP Policy not found
We used different ways as copy the folder Policy on C:\ProgramData\IBM\MQSI\components\IntegreationNode\servers\ServerName\overrides\POLICY_FOLDER.
Obviously the policy not found but was created and referenced on PGP node, Exist some command to relate the policy?
------------------------------
Elizabeth Zarate
Original Message:
Sent: Wed March 30, 2022 08:20 AM
From: Matthias Blomme
Subject: How to use PGP encryption on IBM ACE v12
Hi Francois.
You put me on the right track and your were 100% correct that BC stands for BouncyCastle.
I updated the jar files to newer ones from here: https://www.bouncycastle.org/latest_releases.html
The plugin jars don't need to be signed, just the verification of the bc*.jar files was failing.
Replaced them in my runtime and it works!
I've also added the jar file on my github project https://github.com/matthiasblomme/MyOpenTech-PGP-SupportPac
Regards
------------------------------
Regards
Matthias Blomme
Original Message:
Sent: Wed March 30, 2022 05:09 AM
From: Francois Brandelik
Subject: How to use PGP encryption on IBM ACE v12
How did you sign the jar? Is the signer cert and signer chain in your truststore?
On the other hand BC might stand for BouncyCastle so look at following URL https://stackoverflow.com/questions/13721579/jce-cannot-authenticate-the-provider-bc-in-java-swing-application
Don't mind that it says java-swing just translate to java-application...
------------------------------
Francois Brandelik
Original Message:
Sent: Mon March 21, 2022 07:24 AM
From: István Márton
Subject: How to use PGP encryption on IBM ACE v12
We are trying to use Matthias Blomme's new version, I had to rebuild it in Java8 and sign it as ACE12 needs jars signed. We are stuck with this because we get this kind of error message after signing with a CAPKI certificate:
BIP4394E: Java exception: 'com.ibm.broker.plugin.MbUserException'; thrown from class name: 'com.ibm.broker.supportpac.pgp.impl.PGPEncrypterNode', method name: 'evaluate', file: 'PGPEncrypterNode.java', line: '532'; trace text: 'JCE cannot authenticate the provider BC'; resource bundle: 'Message Encryption Failed!'; key: 'JCE cannot authenticate the provider BC'; inserts(optional): '{8}', '{9}', '{10}', '{11}', '{12}', '{13}', '{14}', '{15}', '{16}', '{17}'
------------------------------
István Márton
Original Message:
Sent: Wed March 16, 2022 05:08 PM
From: Juan Reforme
Subject: How to use PGP encryption on IBM ACE v12
I did try to convert from Configurable services to Policies. but still not working...
does anybody implement successfully?
------------------------------
Juan Reforme
Original Message:
Sent: Tue November 30, 2021 10:10 AM
From: MATTHEW SEGALL
Subject: How to use PGP encryption on IBM ACE v12
The setup for v10 should work just fine in v12. You stated that the flows are running fine of v12. Did you see any problems with PGP after the upgrade?
------------------------------
MATTHEW SEGALL
Original Message:
Sent: Wed November 24, 2021 06:25 PM
From: Lokesh Bonthula
Subject: How to use PGP encryption on IBM ACE v12
I used PGP support pack for IBM Integration Bus V9 and also V10. I am doing a POC to migrate IIBV10 to IBM ACE v12.
PGP link for IIB V9 and V10 : GitHub - dipakpal/MyOpenTech-PGP-SupportPac: PGP SupportPac for IBM Integration Bus
I did the backup of Node and extract components on IBM ACE v12. All the integrations server and flows were up and running fine.
When looked at the PGP support pack for IBM ACE V12 I couldn't find any. Has anyone faced this issue and how to overcome .
Any information or suggestions would be a great help
Thanks
------------------------------
Lokesh Bonthula
------------------------------