1. Cas startup says "JCE Installed: Yes " but fails to find AES??
2. Isn't unlimited the default and verified by the jsunscript test?
# Cryptographic Jurisdiction Policy defaults
#
# Import and export control rules on cryptographic software vary from
# country to country. By default, the JDK provides two different sets of
# cryptographic policy files:
#
# unlimited: These policy files contain no restrictions on cryptographic
# strengths or algorithms.
#
# limited: These policy files contain more restricted cryptographic
# strengths, and are still available if your country or
# usage requires the traditional restrictive policy.
#
# The JDK JCE framework uses the unlimited policy files by default.
# However the user may explicitly choose a set either by defining the
# "crypto.policy" Security property or by installing valid JCE policy
# jar files into the traditional JDK installation location. To better
# support older JDK Update releases, the "crypto.policy" property is not
# defined by default. See below for more information.
#
# The following logic determines which policy files are used:
#
# <java-home> refers to the directory where the JRE was
# installed and may be determined using the "java.home"
# System property.
#
# 1. If the Security property "crypto.policy" has been defined,
# then the following mechanism is used:
#
# The policy files are stored as jar files in subdirectories of
# <java-home>/lib/security/policy. Each directory contains a complete
# set of policy files.
#
# The "crypto.policy" Security property controls the directory
# selection, and thus the effective cryptographic policy.
#
# The default set of directories is:
#
# limited | unlimited
#
# 2. If the "crypto.policy" property is not set and the traditional
# US_export_policy.jar and local_policy.jar files
# (e.g. limited/unlimited) are found in the legacy
# <java-home>/lib/security directory, then the rules embedded within
# those jar files will be used. This helps preserve compatibility
# for users upgrading from an older installation.
#
# 3. If the jar files are not present in the legacy location
# and the "crypto.policy" Security property is not defined,
# then the JDK will use the unlimited settings (equivalent to
# crypto.policy=unlimited)
#
# Please see the JCA documentation for additional information on these
# files and formats.
#
# YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
# TO DETERMINE THE EXACT REQUIREMENTS.
#
# Please note that the JCE for Java SE, including the JCE framework,
# cryptographic policy files, and standard JCE providers provided with
# the Java SE, have been reviewed and approved for export as mass market
# encryption item by the US Bureau of Industry and Security.
#
# Note: This property is currently used by the JDK Reference implementation.
# It is not guaranteed to be examined and used by other implementations.
#
#crypto.policy=unlimited
# pwd; find .
/usr/java/jdk1.8.0_162/jre/lib/security
.
./cacerts
./javaws.policy
./trusted.libraries
./java.security
./blacklisted.certs
./java.policy
./blacklist
./policy
./policy/limited
./policy/limited/US_export_policy.jar
./policy/limited/local_policy.jar
./policy/unlimited
./policy/unlimited/US_export_policy.jar
./policy/unlimited/local_policy.jar
-William