...
- To support use of crypto key sizes larger than 2048 bits, we also add the Unlimited Strength Security Policy to the JVM. Download jce_policy-6.zip from the locker downloads directory, or from Sun (http://java.sun.com/javase/downloads/index.jsp,
Other Downloadssection at the bottom). Unzip the policy zip file and copy local_policy.jar and US_export_policy.jar into the JRE's lib/security directory (replacing the versions installed from the JDK RPM).No Format # cd /tmp # unzip /path/to/jce_policy-6.zip # cd jce # cp *.jar /usr/java/latest/jre/lib/security/ - The MIT CA certificates must be added to the certificate trust store. This can be done by downloading and adding them explicitly to the JRE cacerts trust store, as follows:
The password for the trust store is "changeit". Answer "yes" to the "Trust this certificate?" promptNo Format # wget 'http://mv.ezproxy.com.ezproxyberklee.flo.org/mitca.crt' # wget 'http://mv.ezproxy.com.ezproxyberklee.flo.org/mitClient.crt' # setenv JAVA_HOME /usr/java/latest # cd $JAVA_HOME/jre/lib/security # cp -p cacerts cacerts.orig # $JAVA_HOME/bin/keytool -import -keystore cacerts -alias mitca -file /path/to/mitca.crt # $JAVA_HOME/bin/keytool -import -keystore cacerts -alias mitclientca -file /path/to/mitClient.crt
...