have a look at
http://bouncy-castle.1462172.n4.nabble.com/JCE-cannot-authenticate-the-provider-BC-KeyStore-td4659669.html The issue may be the different signature hash algo: SHA-1 vs SHA-256
Although SHA-256 was published in 2001 (source: wikipedia) most crypto
stuff kept using SHA-1 for signatures all through mid of 2010s and
didn't bothered to even implement a signature validation. So anything as
old as still using SHA-1 preferred to SHA-256 mostly only can/does SHA-1
signature verify - if it encounters a SHA-256 it just can't verify it.
As also in the linked topic - just for personal interest: What's the
reason for you still rely on Java6? I know about old XP systems still in
use in industrial environments like controllers for heavy CNC machinery
- but crypto stuff mostly means the system has at least some connection
to the internet - in wich such old versions shouldn't be used for
security reasons. On the other hand: if you using such an old
environment - why you want to update to latest bouncycastle instead of
using one or two older wich works?
Am 01.08.2019 um 18:18 schrieb Juan Carlos Buitrago:
> I'm creating a project using bcprov-jdk15on-162, but it must run in
> java 1.6 (I know). But when trying to register the provider, I get the
> following message:
> java.lang.SecurityException: JCE cannot authenticate the provider BC
> Researching the problem, I found that previous versions of the
> provider are signed by:
> CN=JCE Code Signing CA,OU=Java Software Code Signing,O=Sun
> Microsystems Inc,L=Palo Alto,ST=CA,C=US
> Meanwhile, this new version is signed by both the previous one and:
> CN=JCE Code Signing CA,OU=Java Software Code Signing,O=Oracle Corporation
> I've already included the provider line in java.security and added the
> new jar to java lib/ext but the issue persists.
> I've also tried registering the provider dynamically like:
> Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
> But no luck.
> How do I solve this problem for JRE 1.6?