Support Article
Unable to restart application server
SA-90516
Summary
Unable to restart the application server.
Error Messages
536 [ce Thread Pool -- 71] [ ] [ ] [ ] (util.crypto.PRCryptoImpl) ERROR - Unable to initialize Bouncy Castle JCE provider
java.lang.NoSuchFieldError: as_sys_sec_alg_ideaCBC
Steps to Reproduce
Restart the application server.
Root Cause
A different version of the same Bouncy Castle jar that Pega provides with the platform is also available on classpath. Hence, the user is unable to initialize the Bouncy Castle Java Cryptography Extension (JCE) provider. Exception during startup processing (CryptographicException: decrypt: No site-specific cipher algorithm)
occurs when there is an update or immediate local change applied or a hotfix installed. Any hotfix installed creates programmatic issue such that the setting for the Site-Specific Cipher is either not present or changed.
Resolution
Perform the following local-change:
Bouncy Castle exception issue
- Remove multiple jars from the database
- Keep one version of the jar
CrptographicException issue
- Verify the prconfig.xml for the settings.
- Set the Site-Specific Cipher in prconfig as below if prconfig.xml is unavailable
<env name="crypto/sitecipherclass" value="XXX.YYY.ZZZZ" /> (Specify the Site-Specific Cipher in the value)
For example, “<env name="crypto/sitecipherclass" value="com.pega.pegarules.exec.internal.util.crypto.PRCipherSampleBF"/>” (Specify the Site-Specific Cipher in the value)
Perform the below steps if there is no specific cipher in the environment for the second case:
- Implement Site-Specific Cipher in Pega
- Import the KeyStore and Web Services Security (WS-Security, WSS) profile rules from the previous version
- Revalidate the rules
Published May 6, 2020 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.