Cryptography within the existing JCE architecture gives
Java 2 programmers security and performance advantages of hardware
cryptography with minimal changes to existing Java applications.
To use hardware cryptographic function provided by the IBMJCECCA
provider:
- Edit the java.security file in the ${java-home}/lib/security directory
so that it contains the following lines:
security.provider.1=com.ibm.crypto.hdwrCCA.provider.IBMJCECCA
security.provider.2=com.ibm.crypto.provider.IBMJCE
- Copy the unrestricted policy files from the ${java-home}/demo/
jce/policy-files/unrestricted directory to the ${java-home}/lib/security
directory.
If you intend to use the keytool command to create JKS files
that do not use hardware encryption:
- Edit the java.security file to remove the line that references
JCE4758.
- Create the keystores.
- If you intend to use hardware cryptography as well, reinstate
the line in the java.security file.