|Applies To||RSA BSAFE Crypto-J|
RSA BSAFE Cert-J
RSA BSAFE SSL-J
|Issue||Llibrary dependencies and CLASSPATH ordering|
Jar files delivered with the products are sealed, and some of the jars contain duplicate class files and / or packages.
Is there a dependency on the classpath order of the following jars: jsafe.jar jsafeJCE.jar sslj.jar certj.jar?
Cert-J comes packaged with a version of Crypto-J. SSL-J also comes packaged with versions of both Cert-J and Crypto-J. This is because Cert-J and SSL-J need these other libraries to operate. Cert-J and SSL-J have only been tested with the versions of the libraries that come packaged with them, but any version after these should also work. To be safe, use those libraries that come packaged together. If you need newer features offered by the latest versions of Cert-J or Crypto-J, however, you should be able to use these without trouble. The order that you include them in your classpath shouldn't matter, but you should make sure to only include one version of Crypto-J and SSL-J.
The Crypto-J JCE provider is not used by and does not conflict with these other libraries. It contains the same classes as the regular Crypto-J library, but they are in a different package. You should be able to include either jsafeJCE.jar or jsafeJCEFIPS.jar (not both) in the same classpath with the other libraries. If you statically register the provider and place the JAR in [JDK install dir]\jre\lib\ext, you should not need it in your classpath.
|Legacy Article ID||a38400|