iWay Service Manager Security Guide > Configuring Kerberos With Microsoft SQL Server > Hardening the Java Virtual Machine Cryptography

Hardening the Java Virtual Machine Cryptography

Encrypting Kerberos requires you to replace the default encryption .jar files in your Java Virtual Machine (JVM) with the unlimited strength editions. To harden the JVM cryptography:

  1. Obtain a copy of the following archive:

    Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8.

  2. Unzip this archive and extract the following .jar files to the location of the JVM runtime folder:
    • local_policy.jar
    • US_export_policy.jar

    Note: You can move or replace the current jar files in the folder.

    On Windows, the JVM runtime folder location is: 

    {jre folder}/lib/security

    On Linux, the JVM runtime folder location is: 

    {jre}\lib\security
  3. Ensure that the correct runtime JVM folder is copied, as there may be multiple versions of java on a machine.

    If the jar files are not correct, the following error will appear when connecting to Kerberos: 

    Integrated Authentication Failed{guid number}