Additional libraries needed for SFTP ciphers |
Top Previous Next |
If you are planning to use the non-default ciphers that are included as part of JSCAPE MFT Server SFTP service, then you may need to install the JCE Unlimited Strength Jurisdiction Policy Files distributed by Oracle.
The default ciphers that are supported by the SFTP service include:
If you are only using the default enabled ciphers then installing the Unlimited Strength Jurisdiction Policy Files is not necessary.
Examples of non-default ciphers that require installing the Unlimited Strength Jurisdiction Policy Files include but are not limited to aes, twofish, serpent, idea and cast.
Due to export restrictions, the version of the policy files bundled by default with older versions of the JDK allow "strong" but limited cryptography to be used. The "unlimited strength" policy files contain no restrictions on the cryptographic strengths.
Download Unlimited Strength Jurisdiction Policy Files
As indicated in the Oracle website, JDK 9 and later already ship with, and use by default, the unlimited policy files. Policy files for JDK 8 are accessible from the link below.
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html (JVM 1.8)
Installation
On Windows
1. Determine the location of the JVM/JDK you are using by opening the .install4j\inst_jre.cfg file located in your JSCAPE MFT Server installation directory. This file will contain the path to the JRE used when running JSCAPE MFT Server.
Example
c:\program files\java\jre
2. Extract the contents of the Unlimited Strength Jurisdiction Policy Files to a temporary directory.
3. Copy the local_policy.jar and US_export_policy.jar files extracted in the previous step to the lib\security directory of your JRE making sure to backup previous versions of these jar files should you decide to revert back to the previous installation.
Example
c:\program files\java\jre\lib\security
4. Restart both the JSCAPE MFT Server Service and JSCAPE MFT Server Manager.
On Linux
1. Determine the location of the JVM/JDK you are using. One way to do this would be to:
1. Execute the command: ps -efwww | grep java; 2. Find the JSCAPE MFT Server process; and then 3. Find the Java executable that's running the JSCAPE MFT Server process. This will give you an idea where the JVM/JDK in question is located. Please refer to the example screenshot below:
Figure 271
In the example, the JRE could be located at:
/opt/java/jdk1.8.0_60/jre
2. Extract the contents of the Unlimited Strength Jurisdiction Policy Files to a temporary directory.
3. Copy the local_policy.jar and US_export_policy.jar files extracted in the previous step to the lib/security directory of your JRE making sure to backup previous versions of these jar files should you decide to revert back to the previous installation.
Example
/opt/java/jdk1.8.0_60/jre/lib/security
4. Restart both the JSCAPE MFT Server Service and JSCAPE MFT Server Manager.
|