How to install Unlimited Strength Jurisdiction Policy Files?

You need to determine your Java home path (either via System.getenv("JAVA_HOME") from Java or $ echo $JAVA_HOME on the command line). It should be a path like the following:

• C:\Program Files\Java\jre8 on Windows
• /Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home on Mac OS X
• /usr/java/jdk1.8.0_101/bin/java on *nix

You then need to copy the US_export_policy.jar and local_policy.jar files you downloaded into the directory: <JAVA_HOME>/jre/lib/security and overwrite the existing files of the same name.

Updated 05/17/17

The following code (for demonstration purposes only) will instruct the JVM that it is allowed to use AES-256 bit encryption and corresponding TLS ciphers regardless of the policy files installed. It is not recommended to employ this method.

if (Cipher.getMaxAllowedKeyLength("AES") < 256) {
  try {
    Field field = Class.forName("javax.crypto.JceSecurity").
    getDeclaredField("isRestricted");
    field.setAccessible(true);
    field.set(null, java.lang.Boolean.FALSE);
  } catch (Exception e) {
    fail("Could not override JCE cryptography strength policy setting");
    fail(e.getMessage());
  }
}

2018-01-15 Update

According to JDK-8170157, since JDK 6u181, 7u171, 8u161, 9b148 unlimited cryptographic policy is enabled by default. So all you have to do is just upgrade to the corresponding baseline.

Original answer

Since Java 9 and Java 8u151 there's no need to download and manually install jurisdiction policy files anymore. According to release notes:

In older releases, JCE jurisdiction files had to be downloaded and installed separately to allow unlimited cryptography to be used by the JDK. The download and install steps are no longer necessary. To enable unlimited cryptography, one can use the new crypto.policy Security property. If that new Security property is set in the java.security file, or has been set dynamically by using the Security.setProperty() call before the JCE framework has been initialized, that setting will be honoured. By default, the property will be undefined. If the property is undefined and the legacy JCE jurisdiction files don't exist in the legacy lib/security directory, then the default cryptographic level will remain at limited. To configure the JDK to use unlimited cryptography, set the crypto.policy to a value of unlimited. See the notes in the java.security file shipping with this release for more information.