Not sure if you ever got this working but today I ran into the same issue and worked with Hortonworks support and we resolved the issue. Here were my steps to resolve it:
-We saw in /var/log/ranger/kms/catlina.out the following error
java.security.InvalidKeyException: Illegal key size at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039) at javax.crypto.Cipher.implInit(Cipher.java:805) at javax.crypto.Cipher.chooseProvider(Cipher.java:864) at javax.crypto.Cipher.init(Cipher.java:1396) at javax.crypto.Cipher.init(Cipher.java:1327)
-The root cause of the error is that Java is unable to support the current key size and we need to use 256-bit keys. So we had to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy File on all hosts in the cluster. This is the prerequisite of the Ranger-KMS installation
-We use openjdk1.8 on our nodes and if you use the OpenJDK package, the JCE file is already built into the package.
-But we ran into a bug with our OS (RHEL-7) in which OpenJDK doesn’t roll out the latest JCE
-So we just downloaded the latest JCE for our java version from http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
-We took a backup of old JCE files (US_export_policy.jar and local_policy.jar) and replaced them with the latest ones. The backups are now in /usr/java/jdk1.8.0_121/jre/lib/security/bkp and the new ones are in /usr/java/jdk1.8.0_121/jre/lib/security
-After that we started the Ranger-KMS services which started successfully. We also restarted all components on the cluster that needed a restart after installing Ranger and Ranger-KMS. All came up successfully.
-Ranger-KMS is now working properly.
Hope this helps you or anyone else that has this issue!!
Can you post your solution as a reply to the topic so I can mark it as the accepted answer? This actually worked for us.