Monday, April 7, 2014

Encryption key based algorithms in Commerce | Error Invalid Key Size

I have encountered this since older versions of commerce, all the way to V7 and this could happen with any type of key based encrypted algorithms. In this scenario, I was testing AESCipher using AES encryption but can happen working on multiple algorithms with larger key size.

This error is caused by restrictions in some countries with key size and hence the default Java spec does not provide unlimited key strength as a default configuration and it requires the policy jars to be updated.

Back up the following files from C:\IBM\SDP\runtimes\base_v7\java\jre\lib\security and get the latest files for IBM JDK and replace with these existing files and restart. Do not get these files below from as IBM uses it's own SDK.

Steps to download the IBM JDK security files:

This step would be required on all the server environments similarly to update the policy files.


  1. Very nice blog and articles. I am realy very happy to visit your blog. Now I am found which I actually want. I check your blog everyday and try to learn something from your blog. Thank you and waiting for your new post.