Hello,
I am trying to get my loxone binding to work but keep getting the same error (see subject).
When looking at the binding doc i see this.
Encryption AES-256 JRE must have unrestricted security policy configured
Because i am using openhasbian i am connected with putty but i can not find a way to enable java in putty. I am a total noob in linux so i probalby missed the correct way to find it.
Thanks for your help
Java is running but this would imply the latest version is not installed. The unrestricted policy for encryption is now enabled by default in v9 and latest versions of 6 - 8
Java 9: Any official release!
Java 8u161 or later (Available now)
Java 7u171 or later (Only available through āMy Oracle Supportā)
Java 6u181 or later
I just used the automated install from openhasbian on my pi.
it says that there is the āZulu Embedded OpenJDK Java 8ā provided
OK .. I assume
java -version
returns too low a version.
I think you need this download , there is a read me in the zip file.
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
I think I had to do this a while back but recently it has just worked
.. or perhaps you can update your java version but the above is probably easier.
Thanks for the help.
This is my version
[06:49:47] openhabian@openHABianPi:~$ java -version
openjdk version ā1.8.0_152ā
OpenJDK Runtime Environment (Zulu Embedded 8.25.0.76-linux-aarch32hf) (build 1.8.0_152-b76)
OpenJDK Client VM (Zulu Embedded 8.25.0.76-linux-aarch32hf) (build 25.152-b76, mixed mode, Evaluation)
I have downloaded it to my windows. I unforunate do not know a way to move it to the correct folder.
I have found that i have zulu java. So i tried following these steps =>
https://github.com/openhab/openhabian/issues/111
wget http://cdn.azul.com/zcek/bin/ZuluJCEPolicies.zip
unzip ZuluJCEPolicies.zip
cd ZuluJCEPolicies
cp *.jar /usr/lib/jvm/zulu-embedded-8-armhf/jre/lib/security
reboot
But it failed on the cp command.
[06:37:25] openhabian@openHABianPi:~$ unzip ZuluJCEPolicies.zip
Archive: ZuluJCEPolicies.zip
creating: ZuluJCEPolicies/
inflating: ZuluJCEPolicies/LICENSE
inflating: ZuluJCEPolicies/README.txt
inflating: ZuluJCEPolicies/DISCLAIMER
inflating: ZuluJCEPolicies/local_policy.jar
inflating: ZuluJCEPolicies/US_export_policy.jar
[06:37:34] openhabian@openHABianPi:~$ cd ZuluJCEPolicies
[06:37:41] openhabian@openHABianPi:~/ZuluJCEPolicies$ cp *.jar /usr/lib/jvm/zulu-embedded-8-armhf/jre/lib/security
cp: cannot create regular file ā/usr/lib/jvm/zulu-embedded-8-armhf/jre/lib/security/local_policy.jarā: Permission denied
cp: cannot create regular file ā/usr/lib/jvm/zulu-embedded-8-armhf/jre/lib/security/US_export_policy.jarā: Permission denied
I can not find the files that need to be overwritten in the folder
[06:40:51] openhabian@openHABianPi:/usr/lib/jvm/zulu-embedded-8-armhf/jre/lib/security$ ls
blacklisted.certs cacerts java.policy java.security policy
So i went deeper and found this
[06:57:21] openhabian@openHABianPi:/usr/lib/jvm/zulu-embedded-8-armhf/jre/lib/security/policy/unlimited$ ls
local_policy.jar US_export_policy.jar
That are the files but they are red. (they are also red in the limited folder) And i also can not do the cp command to that file.
I think i am doing something wrong here
I found this on the forum here =>
Please follow these instruction to update your java security policy files
I fixed by following instructions here
suhothayan.blogspot.com 33
How to install Java Cryptography Extension (JCE) unlimited strength jurisdictionā¦
How to over come āorg.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parametersā or "java.security.Invā¦overwrote files in both JRE and JDK security settings, restarted Java and opehab and now connected.
You will need to copy into $JAVA_HOME/jre/lib/security/policy/unlimited
the files local_policy.jar and US_export_policy.jarmake sure you have read and excutable permission for all
i.e. use chmod a+rx local_policy.jar
I tried the last command
[06:48:18] openhabian@openHABianPi:/usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/jre/lib/security$ chmod a+rx local_policy.jar
chmod: changing permissions of ālocal_policy.jarā: Operation not permitted
What did i do wrong?
Tanks
Hi
I think you need to run cp and chmod commands as super user, try:
sudo cp ā¦
sudo chmod ā¦
Pawel
Followed these instructions again but with the sudo in it
https://github.com/openhab/openhabian/issues/111
wget http://cdn.azul.com/zcek/bin/ZuluJCEPolicies.zip
unzip ZuluJCEPolicies.zip
cd ZuluJCEPolicies
sudo cp *.jar /usr/lib/jvm/zulu-embedded-8-armhf/jre/lib/security
reboot
And it works 
Thanks all for the help
Sorry for the question
were do i have do type these comments in ?
In the openhab Console ?
thanks for your help
Indeed in the console.
I used putty with SSH tot connect with the Raspberry.
Iād like to bring this thread back up, as Iām currently facing the same issue.
Iām running openHAB 4.3.5 in a Docker container (based on the āAboutā page, itās using Java 17). From what I understand, Java versions from 9 onwards should include the Unlimited Cryptography Policy by default.
The links in the binding documentation related to this topic point to quite old posts that are not really of much help in this case.
Has anyone encountered this issue with the current Docker image? Or does anyone have suggestions on how to resolve it?
For additional context: my Miniserver is a Gen 2 and has the HTTPS interface enabled. As I understand it, the binding should not apply any additional encryption in this case. Could this be related to the error message Iām seeing?
I also looked for the webSocketType parameter in the current binding (Thing configuration), but couldnāt find it - even with advanced settings enabled.
Iāve verified the Java settings in the Docker container: thereās no override of the crypto policy, so it defaults to āunlimited.ā This suggests something else might be causing the issueā¦
Edit:
I found the issue! The Docker container had the CRYPTO_POLICY environment variable set to limited. After changing it to unlimited, the connection started working. It appears this setting is part of the default openHAB Docker image.