E_ADEPT_UNKNOWN and JsafeJCE provider self-integrity check failed
Estimated Reading Time: 3 MinutesWith the introduction of Java 7u141 and 8u131, Oracle decided that it was time to disable MD5 signatures. While everyone can agree that this was a good decision, it does cause some havoc with software that still uses MD5 signed JAR files. Adobe Content Server has several components that are signed with MD5 and are blocked from executing in the JVM environment.
The error is a bit tricky to properly identify and only comes up when trying to package PDF files. The UploadTest utility will complain and throw the following error:
Sending Package Request There was an error with the Package Request <error xmlns="http://ns.adobe.com/adept" data="E_ADEPT_UNKNOWN http://your.company.com:8080/packaging/Package"/>
This error is very vague. To find the real error, we have to look at the ACS log files, specifically a file called packaging.log. After reading through it, you should come across the following error, or something close to it:
23 Aug 2017 15:21:18,723 ERROR AdeptServlet: Unknown error [10.0.0.1] java.lang.ExceptionInInitializerError at com.adobe.adept.packaging.servlet.Package.doPost(Package.java:531) at com.adobe.adept.packaging.servlet.Package.doPost(Package.java:62) at com.adobe.adept.servlet.AdeptServlet.doPost(AdeptServlet.java:176) at com.adobe.adept.servlet.AdeptServlet.doPost(AdeptServlet.java:289) at javax.servlet.http.HttpServlet.service(HttpServlet.java:647) at javax.servlet.http.HttpServlet.service(HttpServlet.java:728) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1152) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:622) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.SecurityException: JsafeJCE provider self-integrity check failed at com.rsa.jsafe.provider.JsafeJCE.<init>(Unknown Source) at com.adobe.adept.packaging.pdf.PDFPackager.<clinit>(PDFPackager.java:89) ... 22 more
At the end of that long line of JVM error output, you'll notice the following text:
Caused by: java.lang.SecurityException: JsafeJCE provider self-integrity check failed at com.rsa.jsafe.provider.JsafeJCE.<init>(Unknown Source) at com.adobe.adept.packaging.pdf.PDFPackager.<clinit>(PDFPackager.java:89) ... 22 more
This is your true error. So now that we have that figured out, let's fix it.
You must open and modify a Java file called 'java.security' within your Java installation. Around line 548 or so, you'll find the following string:
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
You need to remove the 'MD5' reference so that the text appears like this:
jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024
After you've done this all that's required is to restart Tomcat. Just remember that if you were to ever update Java again to a new version, you'll have to make this update every time. The change does not persist.