Linux Systems

Note:

You may be required to give script file(s) execution rights. This can be accomplished by opening a terminal window and typing:

sudo chmod +x <PathToFile>

for example, sudo chmod +x /opt/eftlink/encrypt-cayan.sh

To re-encrypt a password with new encryption settings; open a command prompt and change directory to eftlink location.

• Type at the command prompt: sudo ./encrypt-cayan.sh -g [<keystore name> <properties> <certificate> <dyanamicProperties> {<Colon-Separated List of Properties>} <keygen type> <cipher type> <key size> <iterations>].

  For example, sudo ./encrypt-cayan.sh -g

• Re-encryption uses existing crypto settings in the properties file to decrypt the password. Once the password is decrypted, a new keystore file is generated using the new crypto parameters specified at the command line and the new encrypted password / initialization vector is generated.

• When using AES algorithm with a key size that is greater than 128, you may get java.security.InvalidKeyException: Illegal key size or default parameters. If so, Additional Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files will need to be downloaded and extracted to $JAVA_HOME/jre/lib/security/