Blog

ColdFusion AES 256 JCE Unlimited Policy Files

May 12, 2017

While using ColdFusion’s Encrypt() function I received this error:

The key specified is not a valid key for this encryption: Illegal key size or default parameters. If encryption key size is greater than 128 bits make sure to insall JCE Unlimited Strength Policy Files. Use the generateSecretKey method to generate a valid key for this operation.

The solution is pretty straight forward, but not well documented.

First download the the APPROPRIATE version of the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. You can review your Java version inside the ColdFusion Administrator > Java and JVM tab. You’ll also need to note the path to the JVM used by ColdFusion from the same tab.

The Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files will come as two JAR files:

local_policy.jar
US_export_policy.jar

Use these files to replace the existing files in:

{Coldfusion JVM Path}\lib\security\

NOTE: You should create backups of the existing files before replacing them.

0 Comments

Leave Your Comment

Your email address will not be published. Required fields are marked *


about me

An information technology professional with twenty five years experience in systems administration, computer programming, requirements gathering, customer service, and technical support.