Try accessing your cert file using a full system path to your cacert file within your EJB to make sure this is not an issue with locating the cacert file.
Also, did you try getting an input stream to the cert file in your EJB and make sure the file is actually being located and read.
AFAIK, JBoss does not specifically block access to any crypto related files
I'm not accessing the cacerts file explicitly, I'm calling JCE KeyGenerator to create a key. When I call KeyGenerator.getInstance("DES"), I get the SecurityException when I'm running in container. I don't get this exception while running out of container. As far as I can tell, I'm using the same JVM for both Jboss and outside of jboss.
Do I need to include the JCE jars in the EJB/EAR or include them in the classpath when I startup JBoss? The JCE jars are in the <java_home>/jre/bin/ext and the cacerts file is in <java_home>/jre/bin/security.
are you sure the jars are located in <java_home>/jre/bin and not
You might want to look at the following things in your setup:
1) Make sure the <java_home>/jre/lib/security/java.security file has the proper priority order for the JCE providers you are trying to use
2) If you are trying to use the SUN_JCE provider make sure its provider is available in the <java_home>/jre/lib/ext directory (sunjce_provider.jar)
If you are trying to use the built-in JCE providers I don't think you need to include the jar files in the EJB/EAR module.
Thanks for the suggestions. In order to fix the problem, I uninstalled all copies of the Java (I had several) and reinstalled the JVM and the security files from sun.