Skip to main content

Receiving error Caused by: java.lang.IllegalArgumentException: Cannot support TLS_RSA_WITH_AES_256_CBC_SHA with currently installed providers on DSE startup after setting up client-to-node encryption

Summary

The documentation for client-to-node encryption does not specify that in order to enable client-to-node encryption, the jce libraries must be installed.  

Symptoms

When they are not installed you will see the error Caused by: java.lang.IllegalArgumentException: Cannot support TLS_RSA_WITH_AES_256_CBC_SHA with currently installed providers in the cassandra system.log

Cause

The Oracle Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 must be installed when enabling client-to-node encryption.

 

Solution

  1. Download the JCE
    1. JAVA 8
    2. JAVA 7
    3. JAVA 6
  2. Unzip the downloaded file
  3. Place the two jars from the zip file into  <java_jre_install_dir>/lib/security/ if running the jre or <java_jdk_install_dir>/jre/lib/security if running the jdk
  4. Restart dse
Was this article helpful?
5 out of 5 found this helpful
Return to top

Related articles

Didn’t find what you’re looking for?

SUBMIT A TICKET