Due to import control restrictions the standard encryption shipped with most Java implementations is limited.
While this article is about OpenJDK on RHEL, I should also point out that OpenJDK for Windows can also be downloaded from developers.
As of 2006, changes to specification to support changes proposed to the class file format (JSR 202) are being done as a maintenance release of JSR 924.
In order to work around this issue it is generally necessary to agree to not violate export regulations before you can then download the Java Cryptography Extension (JCE) for your JDK and install it.
To understand a bit more about how this works and why it provides an upgrade safe approach to the JCE policy files one can inspect the install scripts in the RPM packages.
It might be possible to manually update OpenJDK separately, but this is generally not tested nor is it supported by Red Hat.
As pointed out in another answer and in Oracle's release notes for Java 8 Update 161, unlimited cryptography is enabled by default since Update 161 and you shouldn't have to do anything if using a fresh installation of this version.
After performing an update to the latest version of Java it would be nice to have a reminder at the end of the instructions to restart Tomcat and verify the JCE files are correctly installed.
As updates of the JRE are pushed by Red Hat the unlimited JCE policy files should continue to be utilized by each subsequent upgrade.
Red Hat will support multiple LTS major versions, but only the latest minor version will be supported with patches if there are JVM crashes or other JVM issues.
Download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from Oracle or IBM.
When you use an automated installer to install Reflection for the Web, the JCE Unlimited strength policy files are applied for you.
In addition, Free Download Manager for macOS and Windows allows you to adjust traffic usage, organize downloads, control file priorities for torrents, efficiently download large files and resume broken downloads.
As a note, in OpenJDK as of 8b161, unlimited cryptography policy is enabled by default (previously you had to download the unlimited strength files manually from Oracle).
All this to say, when installing then unlimited strength JCE files, install them in both directories listed above to get consistent behavior.
During the trial period AIDA64 may offer limited functionality, and may not display all data on the information and benchmark result pages.
However the codename displayed is mostly cosmetical and JCE will still choose the good assembly based on your CPU instruction set.
Our internet download manager is compatible with the most popular browsers Google Chrome, Mozilla Firefox, Microsoft Edge, Internet Explorer and Safari.
Reflection for the Web requires the Java Cryptography Extension (JCE) Unlimited Strength Policy Files.
It might be nice for those of us long time admins, who have it permanently etched into their memory to always install the JCE files, to have a brief statement of why the JCE files are no longer needed.
Download and unzip the add_gpedit_msc zip file containing all the components to add the Group Policy Editor to Windows 10 Home.
In the alternatives system the higher number takes precedence placing our custom deployment of the JCE policy files above and beyond any of the RPM package deployments.
Answers suggesting to install the JCE files via Homebrew won't work anymore, as the casks were deleted from the Homebrew repository after release of the Java 8 Update 151.
The JCE in OpenJDK has an open cryptographic interface, meaning it does not restrict which providers can be used.
