This document covers EFTLink Integration with Ocius Sentinel Payment Systems. It should be read in conjunction with the Oracle Retail EFTLink Framework Installation and Configuration Guide.
This document assumes static EFTLink configuration. When deploying with a POS that supports dynamic configuration, all property settings referred to below should be set on the POS, and not directly into local property files.
EFTLink connects to the Ocius Sentinel application using a proprietary socket protocol. Normally the Ocius Sentinel application, which is configured to run screenlessly, is installed on the same PC as the POS application.
Note: This document does not cover the installation of the Ocius Sentinel application itself. |
In addition to standard EFTLink files:
Cores/OciusSentinel/ociussentinelcore.jar
ocius.properties
ocius_receipt.properties
(only if using XML receipt data, can be auto-deployed, see XML Receipts).
receipt template files (only if using XML receipt data, can be auto-deployed, see XML Receipts).
There are no translation files in ociussentinelcore.jar
Ocius Sentinel is deployed in the UK, so the language set in the EFTLink framework should be English, which is the default.
See the Oracle Retail EFTLink Framework Installation and Configuration Guide, EFTLink General Information section, Translation sub-section.
EftlinkConfig.properties
DisplayLanguage = EN
The following should have been set in EftlinkConfig.properties
by installcore.bat or installcore.sh
EPSCore0 = manito.eft.ocius_sentinel.OciusSentinelCore
The core is configured via properties contained in the ocius.properties
file, which is copied from cores/OciusSentinel folder to the root eftlink folder by installcore.bat
or installcore.sh
.
These must be set. Since these two properties must be encrypted by default, see Password Encryption.
Table 11-1 Verifone Ocius Sentinel - Key Settings
Setting | Description | Example |
---|---|---|
user.id |
The user ID to send to the terminal when logging on. The ID is allocated by the Ocius Sentinel, and needs to be encrypted for default configuration. |
|
user.pin |
The user PIN to send to the terminal when logging on. The PIN is allocated by the Ocius Sentinel, and needs to be encrypted for default configuration. |
|
There are a large number of optional settings that usually do not need to be set or modified, but for completeness they are defined here. In the property file all are commented with default values or empty.
Table 11-2 Verifone Ocius Sentinel - Optional Configuration Settings
Setting | Description | Default |
---|---|---|
ip.address |
The IP address of the Ocius Sentinel software. |
|
ip.port |
The IP port of the terminal. |
|
terminal.menu.configuration |
The menu configuration to send to the terminal when logging on. The default is * which enables all menus. See the Ocius Manual for more details. |
* |
account.id |
The account ID to send with each transaction. This option is used in some deployments, and Verifone would indicate the value to use. |
blank |
auto.logon |
If this is set true then the core will log on to the terminal automatically when it receives a transaction (if the POS has not already sent a logon command). |
|
pause.before.auto.logon |
The number of milliseconds to wait before issuing an automatic logon command to Sentinel. This is to allow for an issue with Sentinel which causes it to occasionally reject or lose messages which are sent too soon after a previous communication. |
|
auto.logon.pause |
The number of milliseconds to wait after an auto logon before sending a transaction. The pause should be for several seconds. |
NA |
merchant.receipt.path |
The folder where Ocius Sentinel is to place the merchant receipt. If undefined (commented or blank value) the file would be expected at the root of the same drive, which is where Ocius Sentinel puts the receipt by default. |
|
merchant.receipt.filename |
The name that Ocius Sentinel will use for the merchant receipt. Default is Receipt1.txt, it can be modified in the Ocius Sentinel application, and if so the name used should be entered here. |
Receipt1.txt |
customer.receipt.path |
The folder where Ocius Sentinel is to place the customer receipt. This is only relevant if xml. If undefined (commented or blank value) the file would be expected at the root of the same drive, which is where Ocius Sentinel puts the receipt by default. |
|
customer.receipt.filename |
The name that Ocius Sentinel is to use for the customer receipt. Default is Receipt2.txt. This can be modified in the Ocius Sentinel application, and if so, the name used must be entered here. |
Receipt2.txt |
report.path |
The folder where Ocius Sentinel is to place the report file. |
|
report.filename |
The name that Ocius Sentinel is to use for the report file. |
NA |
progress.ip.port |
The port that the core listens on for status messages from Ocius Sentinel. |
|
tear.merchant.receipt.text |
The text to be displayed at the POS when prompting the operator to remove the merchant receipt from the printer. |
NA |
tear.customer.receipt.text |
The text to be displayed at the POS when prompting the operator to remove the customer receipt from the printer. |
NA |
strip.receipt.carriage.returns |
Ocius Sentinel delivers receipts with lines terminated by both carriage return and linefeed characters. If this option is set true then the carriage return characters will be removed. |
|
max.cashback.length |
The maximum length permitted for a cashback amount. |
|
duplicate.receipt.title |
An extra title to add to the top of a receipt which is reprinted in response to the "Re-print/Continue" message. |
where the \n indicates a linefeed. Leave blank to suppress this title. |
suppress.merchant.receipt |
Whether to suppress printing of the merchant receipt so only a customer copy is provided. |
|
offer.reprint |
Whether to display the "Re-print/Continue" dialogue after printing a receipt. |
|
defer.customer.receipt |
If true this will cause the customer receipt to be sent as part of the final CardServiceResponse when payment processing is complete. |
|
account.on.file.mode |
This may be set to an integer from 0 to 4 inclusive. Values are defined in the Ocius Sentinel integration guide v1.5 as follows: 0 - Not Set 1 - Do Not Register (the default) 2 - Register 3 - Register Only 4 - Register, decline transaction if registration fails. |
NA |
card.read.mode |
This may be set to 0, 1 or 2 and defines what type of card is to be read when the core receives a card read request: 0 - Non EFT card 1 - EFT card 2 - Automatic based on the EFTLink background flag set by the POS, background=true reads a non-EFT card, otherwise an EFT card is expected (this is the default behaviour for this setting). |
NA |
remove.card.after.read |
If true this should cause Ocius Sentinel to prompt for the card to be removed after a card read. In practice it has been found that Sentinel ignores this setting. |
NA |
encrypted.passwords |
user.id, user.pin, account.id and transax.account.id must be encryped using the encryption utility. See Password Encryption. |
NA |
auto.confirm.licence.key |
If true (the default), then there will be an automatic response to the LicenceDetailConfirmation status from Ocius Sentinel. |
|
card.wait.mode |
If true the core will send CARDWAIT records, otherwise it will operate in standard mode. |
|
wait.record.header |
This is the header text to display on the PED when it prompts for the card details to be presented. |
The default is for the section to be left blank. |
wait.record.body |
This is the body text to display on the PED when it prompts for the card details to be presented. |
The default is for the section to be left blank. |
wait.record.footer |
This is the footer text to display on the PED when it prompts for the card details to be presented. |
The default is for the section to be left blank. |
wait.record.timeout |
This is the time in seconds for the PED to wait for the card details to be presented. |
0 (no timeout) |
wait.record.capture.methods |
This is a hex bitmap of the capture methods that the PED is to allow. The hex bitmap is comprised of the following hex values:
|
The default is for the core to leave this blank, in which case Sentinel will apply the following default:
|
wait.record.fallback.methods |
This is a hex bitmap of the fallback methods that the PED is to allow. The hex bitmap is comprised of the following hex values: Fallback from ICC to Swipe = 01 Fallback from Swipe to Key = 02 |
The default is for the core to leave this blank, in which case Sentinel will apply the following default:
|
auto.offline |
If true the core will automatically instruct Ocius Sentinel to work offline if the remote server is unavailable. |
|
reference |
This setting configures the customer reference generated by the core. It may contain any text except commas but the following case-sensitive keywords will be substituted with corresponding data: Date: the transaction date provided by the POS in the form YYMMDD Time: the transaction time provided by the POS in the form HHMMSS Transnum: the transaction number provided by the POS User: the operator ID provided by the POS when it logged on to EFTLink Pos: the POS ID provided by the POS when it logged on to EFTLink |
|
CARDWAIT with CNP |
If a card swipe request is issued with the CNP flag set then an alternative set of wait record parameters will be sent to the PED. These have the same names as the wait record properties already defined but with .cnp appended, for example: wait.record.capture.methods.cnp = 1 The primary purpose of this is to allow the PED to be forced into keyed only mode in a customer-not-present (telesales) scenario. The definitions and default settings for the alternative parameters are the same as the standard parameters. |
NA |
simple.cnp.enabled |
For telesales if a card has been keyed via a previous card swipe and customer address capture is not required as part of the subsequent transaction then this setting should be set true. Note: In this mode <CNP>true</CNP> is added to the XML receipt data for telesales. |
|
transax.account.id |
The account ID to use for Transax transactions. |
NA |
transax.types.requiring.card |
The Transax transaction types which require card entry at the PED. This may be any combination of the letters A, B, M, O or P without spaces or separators. |
|
transax.declined.operator.message |
If a Transax payment is declined or otherwise fails this optional setting can be used to provide an acknowledgeable message to bring the failure to the attention of the operator. The default value is blank (no message will be displayed). If required the value may be static text. For example: transax.declined.operator.message=Transax Payment Void Or it may be used to display one of the fields of a Transax XML receipt. For example. transax.declined.operator.message=<Message> |
NA |
auto.confirm.auth.code |
If this is set true then Ocius Sentinel status 20 (Confirm Auth Code) will be answered automatically. |
NA |
voice.referral.amount.text |
This defines the label shown against the transaction amount in the voice referral prompt. If the POS already displays the amount elsewhere on the screen then voice.referral.amount.text may be set to blank to exclude it from the message sent by the core. |
NA |
voice.referral.compact.dialogue |
If true the two stage referral dialogue where the operator must first confirm that the authorization has been accepted before entering the authorization code will be reduced to a single dialogue where the operator may immediately enter an authorization code or blank to cancel. |
NA |
signature.verification.reprint.option |
By default the signature verification dialogue offers two options to confirm or reject the signature. If this setting has a value a third option will be displayed which will cause the signature slip to be reprinted. The value should be the text to be displayed, for example Reprint. The default is blank which disables this option. Note: offer.reprint provides a more general purpose reprint mechanism. |
NA |
defer.void.receipts |
If true then void customer receipts will not be printed immediately but will be embedded in the final response from the core. Applies only in XML mode. |
|
suppress.final.declined.message |
If the POS displays its own declined message on receiving a payment failure response from the core then this setting may be used to suppress any similar display message from the core. |
|
suppress.cnp.signature.receipt |
If true then the signature receipt will be suppressed for telesales transactions when simple.cnp.enabled is true. Applies only for XML based receipts. |
|
auto.translate.status.messages |
Indicates whether the core should translate status messages according to the recommendations in the Ocius Sentinel Integration Guide. If false then status messages can still be translated. |
|
space.out.status.messages |
Indicates whether status text from Ocius Sentinel should be spaced out for display, for example ExpiryDateRequired becomes Expiry Date Required. |
|
ped.unavailable.retry.pause |
If status message 55 (PEDUnavailable) is received this setting specifies the number of milliseconds to wait before requesting Ocius Sentinel to retry. |
The default is 0 (zero) which disables handling of status message 55. |
legacy.printing |
Enables file-based printing if set to true, otherwise socket-based printing will be used. |
|
cancel.card.wait.delay |
When card.wait.mode=true this setting defines the minimum interval in milliseconds between a card swipe request from the POS and a cancellation of the card swipe (abort). This is to allow for a limitation in Ocius Sentinel which cannot cope with the two messages being sent in close proximity. The delay is only applied if needed and the default interval is 1000ms. |
|
max.login.ready.wait |
After a processing a login request from the POS this is the maximum time to wait in milliseconds for a Ready status from Ocius Sentinel before returning a login success response to the POS. If this setting is zero then the wait will be indefinite. |
|
await.ready.after.transaction |
The default behavior for the core is to wait for Ocius Sentinel to complete all necessary actions after a payment including having the customer remove the card from the PED before responding to the POS with the result. To allow the transaction to complete at the POS without waiting for card removal set await.ready.after.transaction=false. |
NA |
store.merchant.receipt |
If true the merchant receipt will not be printed but will be sent to the POS to be stored in an electronic audit journal (where the POS supports this capability). |
|
use.ocius.card.text |
If true EFTLink will use the card scheme name provided by Ocius Sentinel rather than performing a look-up in its Card Range File. |
|
separate.receipt.lines |
If true the deferred (embedded) customer receipt will be sent as separate lines rather than as a single block of text containing line breaks. This is to cater for POS systems which have a limit to the length of continuous text that they can accept. |
|
auto.logoff |
If the response to a logon request to Ocius Sentinel indicates that a user is already logged in then this setting will cause the core to send a logoff followed by another logon. |
|
deploy.default.templates |
If true then a default set of receipt templates will be created by EFTLink if they do not already exist in the EFTLink folder at start up. Applies only when XML receipts are in use. |
|
dummy.void.receipts |
If true then the core will generate a dummy success response and receipt for a payment refund request without any interaction with Ocius Sentinel. |
|
fixed.receipt.merchant.text |
When using Ocius Sentinel's preformatted receipts (as opposed to XML based receipts) this defines the text within the receipt which identifies it as a merchant receipt. |
|
fixed.receipt.customer.text |
When using Ocius Sentinel's preformatted receipts (as opposed to XML based receipts) this defines the text within the receipt which identifies it as a customer receipt. |
|
fixed.receipt.signature.text |
When using Ocius Sentinel's preformatted receipts (as opposed to XML based receipts) this defines the text within the receipt which identifies it as a signature receipt. |
|
fixed.receipt.void.text |
When using Ocius Sentinel's preformatted receipts (as opposed to XML based receipts) this defines the text within the receipt which identifies it as a void receipt. |
|
fixed.receipt.declined.text |
When using Ocius Sentinel's preformatted receipts (as opposed to XML based receipts) this defines the text within the receipt which identifies it as a declined receipt. |
|
download.retry.limit |
As part of the login process Ocius Sentinel may detect and attempt to download a software update. It is possible at this stage for Sentinel to send status 75 (Download Still Being Prepared) in which case this setting defines the number of times to retry the software download. |
|
cancel.download.on.failure |
If a software download fails due to reaching the retry limit, this setting defines whether a download cancellation command should be sent to Ocius Sentinel in order to allow the POS to login and proceed with sales operations. If no cancellation command is sent then the operator will need to interact with the (Windows) Ocius Sentinel application manually in order to cancel the download or attempt further retries. |
|
ocius.sentinel.exe.path |
After a successful software download Ocius Sentinel will send status 58 (Restart After Software Update) indicating that it needs to be restarted. In response to this the core will send a message instructing Ocius Sentinel to shut down and will then re-launch the application by running an executable file, the location of which is defined by this setting. |
|
ocius.sentinel.restart.pause |
When restarting Ocius Sentinel after a software download this setting defines the delay in milliseconds between instructing Sentinel to shut down and restarting it. |
|
offline.reconnect.retry.limit |
When Ocius Sentinel reports that it is offline from the remote server this setting can be used to configure a number of connection retries. A value of -1 indicates unlimited retries. If a connection still cannot be established after the required number of retries then the auto.offline setting applies. |
|
gift.card.type |
Defines the type of gift card supported by the core where 0 = Park Retail (the default) 1 = SVS Note: The POS may override this setting to specify the gift card type in its request message. |
NA |
report.card.events |
If true then the core will send DeviceEvent messages to the POS when a card is inserted into or removed from the PED. This is determined from status messages sent to the core by Ocius Sentinel. |
|
print.dcc.quote |
If true then the core will print a DCC currency conversion quote at the point when the customer is asked to make a DCC decision at the PED. |
|
keystore.name |
The name of the keystore file containing the key for decrypting passwords. Since the keystore file will be created in the cores/OciusSentinel folder, the property can either include the relative path, or the keystore file can be copied to the base EFTLink folder. Example with path keystore.name = cores/OciusSentinel/ocius.keystore Example where the keystore file has been copied to the base EFTLink folder keystore.name = myfile.dat |
|
send.ocius.update.to.pos |
Whether to display the status update from Ocius to the POS or not. |
|
Status messages sent by Ocius Sentinel for display at the POS can be translated or suppressed by adding entries to ocius.properties
. Each message is identified by a number and the Ocius Sentinel integration guide lists all the possible messages.
As an example, status message 1 displays the text Enter Gratuity
. To change this to "Enter Tip" the following entry can be added to ocius.properties
:
status.1=Enter Tip
To suppress this message leave the text blank (nothing after the equal sign) as follows:
status.1=
There are a number of other messages and prompts which are provided by the core itself and these are also configurable. The settings in ocius.properties are listed below with their defaults:
confirm.auth.code.prompt=Confirm Transaction?
confirm.auth.code.yes.option=Yes - Confirm Txn
confirm.auth.code.no.option=No - Decline Txn
voice.referral.prompt=Call Auth Centre
voice.referral.tel.text=Tel:
voice.referral.mid.text=MID:
voice.referral.tid.text=TID:
voice.referral.amount.text=Amount: £
voice.referral.trailing.text=
voice.referral.yes.option=Authorise
voice.referral.no.option=Abort
voice.referral.auth.entry.prompt=Enter Auth Code (or blank to cancel)
signature.verification.prompt=Valid Signature?
signature.verification.yes.option=Yes - Confirm Txn
signature.verification.no.option=No - Decline Txn
signature.verification.reprint.option=
cashback.prompt=Please enter cashback amount
declined.card.removal.prefix.text= Declined –
svs.partial.payment.title=PARTIAL PAYMENT ONLY
svs.requested.amount.text=Requested £
svs.available.amount.text=Available £
svs.outstanding.amount.text=Outstanding £
svs.partial.payment.yes.option=Continue
svs.partial.payment.no.option=Cancel
For POS systems which support this it is possible to specify the position or order of some dialogue options using index numbers. The index should be an integer with value 1 or higher. The maximum index number allowed and the interpretation of the number will depend upon the implementation at the POS, for example in the case of Retail-J there are 8 button positions available down the right-hand side of the screen so the index numbers would range from 1 to 8.
The following settings are available:
confirm.auth.code.yes.position
confirm.auth.code.no.position
voice.referral.yes.position
voice.referral.no.position
signature.verification.yes.position
signature.verification.no.position
signature.verification.reprint.position
svs.partial.payment.yes.position
svs.partial.payment.no.position
Ocius Sentinel is able to supply raw receipt data in XML form rather than as formatted text. The directory path where Ocius writes these files should be setup in Ocius and points to the working directory of EFTLink, example C:\eftlink. There are a considerable number of data fields available in this way (see the latest Ocius Sentinel Integration Guide for a full list). Here is an example of an XML signature receipt received by the core from Sentinel:
<VoucherDetails> <TrainingMode>false</TrainingMode> <ReceiptType>Signature</ReceiptType> <Header>B & Q</Header> <PTID>PW001654</PTID> <TID>04380001</TID> <MID>21249872</MID> <MkTransactionID>1552313</MkTransactionID> <TxnDateTime>2010-12-06 20:40:37.845 CET</TxnDateTime> <CardScheme>Visa</CardScheme> <PAN>*********2222</PAN> <ExpiryDate>12/12</ExpiryDate> <TxnType>Sale</TxnType> <CaptureMethod>SWIPED</CaptureMethod> <CustomerPresent>true</CustomerPresent> <ECommerce>false</ECommerce> <ContAuth>false</ContAuth> <AccountOnFile>false</AccountOnFile> <PinEntered>false</PinEntered> <CreditDebitMessage>Please debit my account</CreditDebitMessage> <CurrencySymbol>£</CurrencySymbol> <CurrencyAbbreviation>GBP</CurrencyAbbreviation> <Amount>1.00</Amount> <Total>1.00</Total> <CVM>Please Sign Below</CVM> <KeepText1>Please Keep This Receipt</KeepText1> <KeepText2>For your Records</KeepText2> <EFTSN>0508</EFTSN> <AuthCode>789DE</AuthCode> <Reference>101206 61 1 1</Reference> <Footer>B & Q</Footer> <GratuityBoxRequired>false</GratuityBoxRequired> <ExtendedReceipt>false</ExtendedReceipt> <DisableCurrencySymbol>false</DisableCurrencySymbol> <AuthOnly>false</AuthOnly> <CardSchemePrintText></CardSchemePrintText> <PrintAttempts>1</PrintAttempts> <ContactlessMSD>false</ContactlessMSD> <TokenRegistrationResult>NotSet</TokenRegistrationResult> <TokenRegistrationOnly>false</TokenRegistrationOnly> </VoucherDetails>
In XML mode the core must be configured to convert the XML data into formatted text receipts. Formatting is achieved using template files in which free text and XML fields can be positioned and left, right or center justified as required. Any number of templates can be created and you would typically expect to have seven or more, one for each of the merchant, signature, customer, merchant void, customer void, merchant declined and customer declined receipts, and further templates for any extended functionality (for example gift cards).
Below is example of a template file:
Example 11-1 customer_template.txt
<WIDTH=36> <CENTRE>Customer Test Template ------------------------------------ Card Sale<RIGHT><Total> <PAN> ------------------------------------ Card : <CardScheme> Number : <PAN><RIGHT><CaptureMethod> AID : <AID> App Date : <AppEff> Cryptogram : <CID>/<AC> Auth Code : <AuthCode> Merchant ID: <MID> Terminal ID: <TID> ------------------------------------ <CreditDebitMessage> <CENTRE><CVM>
In the template, XML element names are specified in angled brackets like this <CVM> and each will be substituted with the actual value supplied by Sentinel. There are four special directives used for formatting which are:
<WIDTH=nn>
This specifies the maximum width of the receipt in columns.
<CENTRE>
This will center any text which appears after it on the same line.
<RIGHT>
This will right-justify any text which appears after it on the same line.
<SUPPRESS>
The receipt will not be printed.
Note: All of the above directives must be uppercase to be recognized. |
In order to decide which template to use for a receipt the core will read a file called ocius_receipt.properties
in which templates can be selected by looking for one or more values in the XML data. This file contains entries in the form
template-filename=<XML-element-1>required-value<XML-element-2>required-value
If all of the XML elements listed on the line have the specified value then that template file will be used. Below is an example file:
Example 11-2 ocius_receipt.properties
template_customer_keyed_swiped.txt=<ReceiptType>Customer<CaptureMethod>SWIPED template_merchant_keyed_swiped.txt=<ReceiptType>Merchant<CaptureMethod>SWIPED template_signature.txt=<ReceiptType>Signature
When looking for a match templates are checked in the order that they appear in ocius_receipt.properties
. If no matching template is found then the core will return the entire XML data in place of a formatted receipt. If a template appears which does not specify any XML fields to match on (nothing after the equal sign) then that template will always be treated as a match.
It is also possible to match partial values using one or more of the flags [PREFIX], [SUFFIX] or [CONTAINS] followed by the partial text to match. For example:
template_customer_contactless.txt= <ReceiptType>Customer<CaptureMethod>[SUFFIX]CONTACTLESS
The above will match when ReceiptType has the fixed value Customer
and CaptureMethod
is any text followed by CONTACTLESS
.
The encryption key must be generated and stored in a keystore. To achieve this, the following steps must be followed:
Default configuration requires user.id, user.pin and, where used, account.id and transax.account.id to be encrypted in ocius.properties
.
user.id, user.pin, account.id and transax.account.id is allocated or configured in the Ocius Sentinel software itself, and varies from site to site.
To achieve this, the following steps must be followed:
To encrypt a password; open a command prompt and change directory to eftlink's location.
Type encrypt.bat –e <keystore name> <properties file> <password>
.
For example, encrypt.bat –e ocius.keystore ocius.properties[
followed by the required password as a final parameter].
Password and initialization vector will be outputted to the console.
Copy and paste it to the appropriate property in ocius.properties
.
To re-encrypt a password (or multiple passwords) with new encryption settings; open a command prompt and change directory to eftlink's location.
Type encrypt.bat –r <keystore name> <properties> <encrypted passwords colon separated> <previous initialization vectors colon separated> <keygen type> <cipher type> <key size> <iterations>.
For example, encrypt.bat –r ocius.keystore ocius.properties [Encrypted password1: Encrypted password2] [Encrypted password iv1: Encrypted password iv2] AES AES/CBC/PKCS5Padding 128 10000.
Re-encryption uses existing crypto settings in the properties file to decrypt the password. Once the password is decrypted, a new keystore file is generated using the new crypto parameters specified at the command line and the new encrypted password / initialization vector is generated.
When using AES algorithm with a keysize that is greater than 128, you may get java.security.InvalidKeyException: Illegal key size or default parameters. If so, Additional Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files will need to be downloaded and extracted to %JAVA_HOME%/jre/lib/security/
Note: You may be required to give script file(s) execution rights. This can be accomplish by opening a terminal window and typing:" for example, |
To encrypt a password; open a terminal window and change directory to eftlink's location.
Type: sudo./encrypt.sh -e <keystore name> <properties> <password>.
For example, sudo ./encrypt.sh -e adyen.keystore adyen.properties [followed by the required password as a final parameter].
Password and initialization vector will be outputted to the console.
Copy and paste it to adyen.password
and adyen.password.iv
in adyen.properties
.
To re-encrypt a password with new encryption settings; open a command prompt and change directory to eftlink location.
Type: sudo./encrypt.sh -r <keystore name> <properties> <encrypted password> <previous initialization vector> <keygen type> <cipher type> <key size> <iterations>
.
For example, sudo ./encrypt.sh -r adyen.keystore adyen.properties [Encrypted password] [Encrypted password iv] AES AES/CBC/PKCS5Padding 128 10000.
Re-encryption uses existing crypto settings in the properties file to decrypt the password. Once the password is decrypted, a new keystore file is generated using the new crypto parameters specified at the command line and the new encrypted password / initialization vector is generated.
When using AES algorithm with a key size that is greater than 128, you may get java.security.InvalidKeyException: Illegal key size or default parameters. If so, Additional Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files will need to be downloaded and extracted to $JAVA_HOME/jre/lib/security/
The following operations are supported by this implementation of the Ocius Sentinel interface.
Logon and logoff (at the beginning and end of a shift or trading period)
Sale
Refund
Card Read (for non-EFT cards only)
X reports (reconciliation)
Z reports (reconciliation with closure)
Customer receipt re-print (via maintenance menu)
SVS gift cards