Additional libraries needed for SFTP ciphers

Top  Previous  Next

If you are planning to use the non-default ciphers that are included as part of JSCAPE MFT Server SFTP service, then you may need to install the JCE Unlimited Strength Jurisdiction Policy Files distributed by Sun Microsystems.

 

The default ciphers that are supported by the SFTP service include blowfish-cbc, 3des-cbc, none.  If you are only using the default enabled ciphers then installing the Unlimited Strength Jurisdiction Policy Files is not necessary.

 

Examples of non-default ciphers that require installing the Unlimited Strength Jurisdiction Policy Files include but are not limited to aes, twofish, serpent, idea and cast.

 

Due to export restriction the version of the policy files bundled by default with the JDK allow "strong" but limited cryptography to be used.  The "unlimited strength" policy files contain no restrictions on the cryptographic strengths.

 

 

Download Unlimited Strength Jurisdiction Policy Files

 

http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html  (JVM 1.6)

 

http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html  (JVM 1.7)

 

 

Installation

 

1.  Determine the location of the JVM/JDK you are using by opening the .install4j\inst_jre.cfg file located in your JSCAPE MFT Server installation directory.  This  file will contain the path to the JRE used when running JSCAPE MFT Server.

 

Example

 

c:\program files\java\jre1.6.0_06

 

2. Extract the contents of the Unlimited Strength Jurisdiction Policy Files to a temporary directory.

 

3. Copy the local_policy.jar and US_export_policy.jar files extracted in the previous step to the lib\security directory of your JRE making sure to backup previous versions of these jar files should you decide to revert back to the previous installation.  

 

Example

 

c:\program files\java\jre1.6.0_06\lib\security

 

4.  Restart both the JSCAPE MFT Server Service and JSCAPE MFT Server Manager.