Update OpenJDK 8 to use Utimaco HSM | Utimaco Integration Guides

Copy the CryptoServerJCE.jar file to JAVA_HOME/jre/lib/ext/.

›_ Console

# cp /opt/utimaco/lib/CryptoServerJCE.jar /usr/lib/jvm/java-1.8.0-openjdk1.8.0.232.b09-2.el8_1.x86_64/jre/lib/ext

Go to the <JDK_Installation_directory>/jre/lib/security directory.

›_ Console

# cd /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.232.b092.el8_1.x86_64/jre/lib/security/

Edit the java.security configuration file to add CryptoServerJCE provider as highlighted below.

›_ Console

security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=sun.security.ec.SunEC

security.provider.4=com.sun.net.ssl.internal.ssl.Provider security.provider.5=com.sun.crypto.provider.SunJCE security.provider.6=sun.security.jgss.SunProvider security.provider.7=com.sun.security.sasl.Provider security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.9=sun.security.smartcardio.SunPCSC security.provider.10=CryptoServerJCE.CryptoServerProvider

<home_directory>/CryptoServer.cfg

Specify the correct provider number and path for the CryptoServerJCE Provider.