Posted on by Maurice Ruckman

256 bit encryption for Safenet

-----Original Message-----
From: Guillaume Radde [mailto:guillaume.radde@redhat.com]
Sent: Tuesday, May 22, 2012 6:11 PM
To: Ruckman, Maurice (HAL)
Cc: Hoggard, Chad (HAL); Augustine, Anila (HAL); HAL DistList: IS UNIX
Subject: 256 bit encryption for Safenet

(Added missing link)

Below are the steps to enable 256 bits encryption. This would need to be done on all JBoss servers and developer-vms.

1) Don't listen to instruction from non-RedHat sources, they pretty much all make you break your RHEL java rpm install, which will cause problem during the next java update.

2) Download the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" from [1]. Accept the license on the page and download jce_policy-6.zip.

3) Unzip the zip content into /opt. Your folder structure should look like this:

/opt/jce
/opt/jce/local_policy.jar
/opt/jce/US_export_policy.jar

3a) After you copy the files into /opt/jce you should change the ownership to root
chown -R root.root jce

4) Run the following command as root:
sudo su -
rm -f /usr/lib/jvm/jre-1.6.0-sun.x86_64/lib/security/{local,US_export}_policy.jar && update-alternatives --install /usr/lib/jvm/jre-1.6.0-sun.x86_64/lib/security/local_policy.jar jce_1.6.0_sun_local_policy.x86_64 /opt/jce/local_policy.jar 160200 --slave /usr/lib/jvm/jre-1.6.0-sun.x86_64/lib/security/US_export_policy.jar jce_1.6.0_sun_us_export_policy.x86_64 /opt/jce/US_export_policy.jar

5) Now update to the new links, choose option 2:

update-alternatives --config jce_1.6.0_sun_local_policy.x86_64

6) That's it :-)

[1] http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html

-------------------------------------
Guillaume Radde
Senior Consultant, Red Hat Consulting
guillaume.radde@redhat.com
http://www.redhat.com
-------------------------------------

Notes: You are updating the links with step #4.  For example, before changes:

[root@haldevjbs04 /opt/jce]$  ls -l /etc/alternatives | grep -i jce
lrwxrwxrwx 1 root root 71 Feb  1 12:41 jce_1.6.0_sun_local_policy.x86_64 -> /usr/lib/jvm-private/java-1.6.0-sun.x86_64/jce/vanilla/local_policy.jar
lrwxrwxrwx 1 root root 75 Feb  1 12:41 jce_1.6.0_sun_us_export_policy.x86_64 -> /usr/lib/jvm-private/java-1.6.0-sun.x86_64/jce/vanilla/US_export_policy.jar

Leave a Reply