Prerequisites

Topics:

Before using NAS2, ensure that the prerequisites described in this section are met.

Java Development Kit (JDK)

You must have JDK version 1.6.0_21 or higher installed.

Unlimited Strength Java Cryptography Extension (JCE) Policy Files

You must download the unlimited strength JCE policy files for JDK 6:

  • local_policy.jar
  • US_export_policy.jar

These files can be downloaded from http://java.sun.com.

Once the files are downloaded, copy them to \jre\lib\security and overwrite the existing versions of these .jar files.

Note: If you are using Windows, the JDK installation will install a JRE and a JDK environment in two separate locations. For example:

C:\Program Files\Java\jre6\lib\security
C:\Program Files\Java\jdk1.6.0_21\jre\lib\security

You must install the unlimited strength JCE policy files in both environments.

Bouncy Castle as a Security Provider

To install Bouncy Castle as a security provider, you must add it as an entry to the java.security file, which is located in the following directory for the JDK/JRE that you are using:

$JAVA_HOME/jre/lib/security/java.security

Look for a list of lines starting with security.provider.X where X is a number.

Add the following line at the bottom of the list:

security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider

where:

N

Is one more than the previous number in the list.

For example:

security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.8=sun.security.smartcardio.SunPCSC
security.provider.9=sun.security.mscapi.SunMSCAPI
security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider

It is possible to add the provider higher up in the list. If you do this, iWay recommends that you do not add it earlier than position 2 as there are occasionally internal dependencies on the provider at position 1 that may cause some operations by your Java environment to result in errors.