If you want to enable the XML encryption feature and your web container is running JDK 1.4, or you are running IBM Websphere (JDK 1.4 and 1.5) as your web container, follow this procedure to use Bouncy Castle to generate a transport key.
The Bouncy Castle Crypto API is a Java implementation of cryptographic algorithms.
Download the Bouncy Castle provider from Bouncy Castle.
For example, if using JDK 1.4, download the bcprov-jdk14-136.jar.
Copy the downloaded file to the jdk_root/jre/lib/ext directory.
OPTIONAL: If using the domestic version of the JDK, download the appropriate JCE Unlimited Strength Jurisdiction Policy Files from java.sun.com.
If using IBM WebSphere, go to http://www.ibm.com to download additional required files.
OPTIONAL: Copy the downloaded US_export_policy.jar and local_policy.jar files to the jdk_root/jre/lib/security directory.
Edit the jdk_root/jre/lib/security/java.security file to add Bouncy Castle as one of the providers.
For example, security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
Set the com.sun.identity.jss.donotInstallAtHighestPriority property in the AMConfig.properties file to true.
Restart the web container.