If the new Security property (crypto.policy) is set in the java.security file, or has been set dynamically using the Property() call before the JCE framework has been initialized, that setting will be honored. If the property is undefined and the legacy JCE jurisdiction files don't exist in the legacy lib/security directory, then the default cryptographic level will remain at 'limited'.To configure the JDK to use unlimited cryptography, set the crypto.policy to a value of 'unlimited'.
Because the old JCE jurisdiction files are left in , they may not meet the latest security JAR signing standards, which were refreshed in 6u131, 7u121, 8u111, and later updates.They will be patched only if the end user has them installed on the system. link above is to the Solaris OS Install Directions for the JDK.If the specified default key size is not a parseable decimal integer, that entry will be ignored as well. The DSA Key Pair Generator implementation of the SUN provider no longer implements java.security.interfaces. Applications which cast the SUN provider's DSA Key Pair Generator object to a java.security.interfaces.DSAKey Pair Generator can set the system property "jdk.security.legacy DSAKey Pair Generator".