CA Mainframe Chorus JBOSS server will not start and returns a hardware encryption error.

Document ID : KB000003965
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

The following hardware encryption error is received and the CA Mainframe Chorus JBoss server does not start:

 

Caused by: com.ibm.crypto.hdwrCCA.provider.JCECCARuntimeException: 

Hardware error from call CSNBRNGL returnCode 16reasonCode 4 

com.ibm.crypto.hdwrCCA.provider.SecureRandom.engineNextBytes 

(SecureRandom.java:104) 

java.security.SecureRandom.nextBytes(SecureRandom.java:287)

 

The default java.security that is in use for the JVM contains a provider definition that cannot be supported by the hardware.

Resolution:

This problem can be remedied by following these steps:

 

1. Copy the java.security file from its default location in $JAVA_HOME/lib/security to the CA Mainframe Chorus directory $INSTALL_HOME/config. 

 

2. Edit the copy of java.security in $INSTALL_HOME/config as follows (Note: This file is in EBCDIC format): 

 

a. Locate the following entry in the list of security provider definitions in this file (Note: The index number may be different):

security.provider.2=com.ibm.crypto.hdwrCCA.provider.IBMJCECCA 

 

b. Delete the line that you located in the previous step, and adjust the index numbers of the remaining security.provider entries accordingly.

 

c. Save the edited file.

 

 

3. Edit the ENV member of the CA Mainframe Chorus CETJOPTN data set as follows: 

 

a. Insert the following line immediately above export IBM_JAVA_OPTIONS="$IJO": 

IJO="$IJO -Djava.security.properties=${INSTALL_HOME}/config/java.security"

 

b. Save the edited file.