General information about security providers
Overview of the security providers in the SDK.
The IBM security providers are signed with the SHA256withRSA signature algorithm to enhance the security of JAR file signing and verification.
Default security providers
- security.provider.1=com.ibm.jsse2.IBMJSSEProvider2
- security.provider.2=com.ibm.crypto.plus.provider.IBMJCEPlus
- security.provider.3=com.ibm.crypto.provider.IBMJCE
- security.provider.4=com.ibm.security.jgss.IBMJGSSProvider
- security.provider.5=com.ibm.security.cert.IBMCertPath
- security.provider.6=com.ibm.security.sasl.IBMSASL
- security.provider.7=com.ibm.xml.crypto.IBMXMLCryptoProvider
- security.provider.8=com.ibm.xml.enc.IBMXMLEncProvider
- security.provider.9=com.ibm.security.jgss.mech.spnego.IBMSPNEGO
- security.provider.10=sun.security.provider.Sun
Default security providers for HP-UX, Solaris, and Mac OS
- security.provider.1=com.ibm.security.jgss.IBMJGSSProvider
- security.provider.2=sun.security.provider.Sun
- security.provider.3=com.ibm.crypto.provider.IBMJCE
- security.provider.4=com.ibm.jsse2.IBMJSSEProvider2
- security.provider.5=com.ibm.security.cert.IBMCertPath
- security.provider.6=com.ibm.security.sasl.IBMSASL
- security.provider.7=com.ibm.xml.crypto.IBMXMLCryptoProvider
- security.provider.8=com.ibm.xml.enc.IBMXMLEncProvider
- security.provider.9=com.ibm.security.jgss.mech.spnego.IBMSPNEGO
Using other providers
You can also add other IBM security providers, such as the IBMJCEFIPS provider (com.ibm.crypto.fips.provider.IBMJCEFIPS), using one of these methods:
- To add a new provider statically, edit a Java™ security properties file. For example, the java.security file.
- To add a new provider from within your application, use the methods of the
java.security.Security class. For
example:
java.security.Security.addProvider()
On HP-UX, Solaris, and Mac OS, these security providers can be used as replacements for some of the public API packages. IBM uses the Endorsed Standards Override Mechanism to implement these providers in the development kits. This mechanism is the officially supported method for overriding existing API implementations. For further information about the Endorsed Standards Override Mechanism, see .https://docs.oracle.com/javase/8/docs/technotes/guides/standards/index.html