You can use IAIK-JCE to supplement the security functionality of the default JDK. Do the following to install the IAIK-JCE encryption provider and set up the ETL process to use it.
- Go to http://jce.iaik.tugraz.at/sic/Products/Core-Crypto-Toolkits/JCA_JCE and download the latest iaik_jce.zip.
- Extract the downloaded zip file.
- Go to the lib-signed folder.
- Copy iaik_jce.jar and iaik_jce_native_aes.jar to the JRE_HOME/lib/ext folder.
- Go to the JRE_HOME/lib/security folder.
- Add the following entry to java.security file:
security.provider.XX=iaik.security.provider.IAIK
where XX is the next available number
- With Windows, do the following to set global JVM parameters for the IAIK-JCE provider:
- Display the System Environment Variables settings (Control Panel, System, Advanced Tab, Environment Variables)
- Enter the following environment variable:
JAVA_TOOL_OPTIONS=-Dprimavera.encryptor.provider="IAIK"
- With UNIX and Linux, do the following to set global JVM parameters for the IAIK-JCE provider:
- Create the following shell script in the /etc/profile.d folder (for example, /etc/profile.d/setmyjavaoptions.sh) or in the .profile file that corresponds to your default shell:
export JAVA_TOOL_OPTIONS=-Dprimavera.encryptor.provider="IAIK"
- Create the following shell script in the /etc/profile.d folder (for example, /etc/profile.d/setmyjavaoptions.sh) or in the .profile file that corresponds to your default shell:
- Run configStar.cmd (with Windows) or configStar.sh (with UNIX or Linux) to update the data warehouse settings with the passwords encrypted using the IAIK-JCE provider.