Overview

While trying to import X.509 certificates to Intermediary, you may get the following error

<event>
  ...
  <msg>SECU3013: Error encountered while decoding security key. Reason: java.io.IOException: exception decrypting data - java.security.InvalidKeyException: Illegal key size
java.io.IOException: exception decrypting data - java.security.InvalidKeyException: Illegal key size
    at com.actional.soapstation.security.SSTCertificateService.decodeSecurityKey(SSTCertificateService.java:607)
    at com.actional.soapstation.task.CertificateTask.getKeyCertificateInfo(CertificateTask.java:710)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
...

Solution

This can be solved by downloading the Java Cryptography Extension (JCE) with unlimited key length from Oracle to resolve the issue.

Please additionally make sure you are using Java 7 and you can validate so by checking the error logs for the entries against the keys java.runtime.version or java.version which should be 1.7.xxx, and that the local_policy.jar and US_export_policy.jar are on disk at the correct location for the 1.7 Java version to use.

More notes on the installation of the JARs can be found here.

Testing

The certificates should get imported successfully.