Skip to Content

Dear Friends,

As we all know with the secure connectivity add on, SAP provides us with the PGP module. As part of the installation of this package, there is a guideline to install unlimited JCE on the PI server.

If unlimited JCE is not installed properly, then you get a bounty castle exception on the communication channel while using the PGP module.

What I have seen twice in different projects is that the jar files required for unlimited JCE from Oracle’s website are usually dated older than the actual jars present in the PI system. And due to this, I have seen the technical basis person to ignore these jar files assuming that the latest jars are already available. Also, at times a restart was not taken and hence the unlimited jce policy was never applied.

I have found a handy trick to test if unlimited JCE is properly installed on the PI box or not. I’m not detailing the steps needed to create a message mapping etc as there are enough resources available for that.


  • Create a dummy message mapping. Use any existing message type for both source and target.
  • Create a text UDF. Import javax.crypto.Cipher and put the below code snippet

getTrace.addWarning("" +Cipher.getMaxAllowedKeyLength("AES"));
return "";

Attach this UDF to any target field(Preferably root) and perform a “Display Queue”.

If the trace warning gives a value of 128, then it indicates that the unlimited JCE is not installed properly. If it is installed properly, then 2147483647 should be the value.

Hope this helps the community.

To report this post you need to login first.


You must be Logged on to comment or reply to a post.

  1. Andy Silvey

    Hi Varun,

    this is indeed a neat trick.

    How many times have I has to unzip and look in the manifest etc to check the JCE policy status.



  2. Former Member
    1. Former Member

      Hi Priyank,

      Hope you already solved it, if not you just have to use Try Catch loop to get the value

      getTrace().addWarning(“” +Cipher.getMaxAllowedKeyLength(“AES”));
      return “”;
      catch(Exception e)
      return “”;

      once you have this code and display trace, the exception should show the value as either 128 orĀ 2147483647


Leave a Reply