IBM InfoSphere BigInsights Version 3.0

Downloading the Java Cryptography Extension

If 256-bit Advanced Encryption Standard (AES) is configured as one of the KDC encryption types in your cluster, then you must download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy File before you install InfoSphere® BigInsights™.

Before you begin

Download the JCE file from the IBM software site.

About this task

By default, Java is bundled with 128-bit AES encryption. Kerberos uses 256-bit AES encryption, so you must download the JCE for compatibility. Alternatively, you can configure Kerberos to not use 256-bit AES encryption, but this method is not recommended.


  1. Extract the contents of the IBM Java Development Kit (JDK) from the /artifacts directory of your biginsights-version-edition-*.tar.gz file, where version is the release number and edition is the edition of InfoSphere BigInsights that you are installing.
  2. From the JCE file that you downloaded, copy the local_policy.jar file and the US_export_policy.jar file into the $JDK_FOLDER/jre/lib/security directory, where $JDK_FOLDER is the directory where your IBM JDK exists.
  3. Compress the $JDK_FOLDER, then replace the contents of artifacts/ibm-java-sdk-version_info.tgz with the compressed $JDK_FOLDER.

What to do next

Generate keytabs then install InfoSphere BigInsights with JCE enabled Java.