Breadcrumbs

Create a pkcs11 File

  1. Create a file /u01/app/oracle/config/domain/admindomain/pkcs11 and add the below contents to it.

›_ Console 

name=CryptoServer library=/opt/utimaco/lib/libcs_pkcs11_R3.so slotListIndex=0

attributes=compatibility attributes(*,*,*) = { CKA_TOKEN = true

}

This file will be used by the SunPKCS11 provider to perform cryptographic operations on the Utimaco HSM.

  1. Obtain the below jurisdiction (unlimited strength) policy files from Oracle for your country and Java version:

    1. US_export_policy.jar

    2. local_policy.jar

The unlimited policy files are required only for JDK 8 updates earlier than 8u161. On those and later versions, the stronger cryptographic algorithms are available by default.

  1. Copy these jurisdiction policy files into the directory <java-home>/lib/security.

›_ Console 

# cp US_export_policy.jar <java_home>/lib/security # cp local_policy.jar <java_home>/lib/security