Breadcrumbs

Java Configuration to use Utimaco HSM

Update java.security file to use Utimaco HSM for JDK8

  1. Go to the <JDK_Installation_directory>/jre/lib/security directory.

›_ Console 

# cd /home/oracle/jdk1.8.0_211/jre/lib/security/

  1. Edit the java.security configuration file to add provider, as highlighted below.

›_ Console 

security.provider.1=sun.security.provider.Sun 
security.provider.2=sun.security.rsa.SunRsaSign 
security.provider.3=sun.security.ec.SunEC 
security.provider.4=com.sun.net.ssl.internal.ssl.Provider 
security.provider.5=com.sun.crypto.provider.SunJCE 
security.provider.6=sun.security.jgss.SunProvider 
security.provider.7=com.sun.security.sasl.Provider 
security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI 
security.provider.9=sun.security.smartcardio.SunPCSC 
security.provider.10=CryptoServerJCE.CryptoServerProvider

/home/oracle/CryptoServer.cfg

Specify the correct provider number and path for CryptoServerJCE Provider.


Update java.security file to use Utimaco HSM for JDK11

  1. Go to the <JDK_Installation_directory> conf/security directory.

›_ Console 

# cd /home/oracle/jdk-11.0.6/conf/security/

  1. Edit the java.security configuration file to add CryptoServerJCE provider.

›_ Console 

security.provider.1=SUN 
security.provider.2=SunRsaSign 
security.provider.3=SunEC 
security.provider.4=SunJSSE 
security.provider.5=SunJCE 
security.provider.6=SunJGSS 
security.provider.7=SunSASL
security.provider.8=XMLDSig 
security.provider.9=SunPCSC 
security.provider.10=JdkLDAP 
security.provider.11=JdkSASL 
security.provider.12=SunPKCS11
security.provider.13=CryptoServerJCE.CryptoServerProvider

Specify the correct provider number and path for CryptoServerJCE Provider.