cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PGP Encryption SAP PI 7.3- File Adapter error

Former Member

on ‎08-14-2013 4:31 PM

0 Kudos

Hi,

I am trying to encrypt a file using standard PGP encryption module provided by SAP . I stuck up at soem point where the channel shows error while encrypting the file.

Error info :

PGP Encryption Module : could not process message, Internal PGP Error (org.bouncycastle.openpgp.PGPException: exception encrypting session key)

I searched the blogs  below:

http://scn.sap.com/thread/3225517

http://www.didisoft.com/wp-content/uploads/OpenPGP_Java_2_4.pdf

These 2 blogs says about updating the latest JCE policies, but I have checked and our server have the latest JCE policies .

But we are still facing the same issue. Could you please help me in solving this issue. Thank you.

Regards,

Kiran

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

vicky20691
Active Contributor
‎12-04-2015 1:57 PM
0 Kudos

Hi Kiran,

Just resolved this issue in UAT environment yesterday.

Blindly follow the following link as pointed by Emil

Download the version 6 assuming you are using SAP PI 7.31/ SAP PI 7.4 single stack . For SAP PI/PO intallation only 2 locations will be available-


\usr\sap\<SID>\J<XX>\exe\sapjvm_6\jre\lib\security

\usr\sap\<SID>\SYS\exe\jvm\NTAMD64\sapjvm_<Version>.<Patch>\sapjvm_<Version>\jre\lib\security


If you do not update on both the locations even after restart the changes will not take effect. To Verify the changes just go to


http://<host>:<port>/BC//VerifyJCE


and then you should see the following screen

Show replies
Show replies
Former Member
‎12-03-2015 11:07 AM
0 Kudos

Hi All,

Is PGPEncryption module supported in NFS protocol?

-Nithin.

Show replies
Show replies
vicky20691
Active Contributor
‎12-04-2015 1:50 PM
0 Kudos

Hi Nithin,

Yes PGPEncryption/Decryption module is possible in NFS.. ( i think on almost all standard adapters) ..

Regards,

Vikas

Former Member
‎12-18-2013 11:16 AM
0 Kudos

Hi Kiran,

Did you find a solution to this issue? I had the same problem in our Dev and QA environment. I was able to solve the problem in our Dev environment by redeploying the PIB2BPGP component. But this didn't work in QA.

I have also checked the JCE version, and it is correct and aligned in all environments.

Hoping for good news.

Regards,

Emil

Show replies
Show replies
Former Member
‎01-09-2014 9:48 AM
0 Kudos

I thought I would do a follow-up, in case others someday face the same issue.

Interesting enough, the problem in our case was indeed the JCE files. When doing a standard installation using SAPJVM, you will have installed the following files:

local_policy.jar

US_export_policy.jar

BUT!! in a SAPJVM installation, only the US_export_policy.jar is unlimited. The local_policy.jar is still limited. I checked this by adding the local_policy.jar files to a java project in NWDS and then check the MANIFEST.MF file:

Manifest-Version: 1.0

Created-By: 1.6.0-rc (Sun Microsystems Inc.)

Crypto-Strength: limited

Name: exempt_local.policy

SHA1-Digest: 1UkwMAnKbHaX2CkqWE5ZOpCbvTo=

Name: default_local.policy

SHA1-Digest: AcamqLZm8lRSljqbbjP5l8KvKqA=

So you will still have to update this file even if it already exist. Check the locations in this blog:

http://scn.sap.com/community/b2b-integration/blog/2012/07/12/b2b-adapters--updating-to-jce-unlimited...

SAP released a nice application for checking the JCE settings in note:

1915999 - Verify JCE Unlimited Strength Jurisdiction Policy and fixes

This is part of the PIB2BPGP SP1 patch 2 - It specifies that you can check your JCE settings here:

Go to http://<host>:<port>/BC/VerifyJCE

BUT 2!!! For some reason this JCE verification application is not available if you have upgraded the PIB2BPGP component to SP2 patch 0. ??

Hope this proves helpful to someone. It did cost us some pain to get there.

Regards,

Emil

Ask a Question