StrongKey makes the assumption that the JDK is installed in the /usr/local/jdk1.5.0_07 directory. You can, however choose to install it in another location. Whichever location you choose, this documentation will also refer to it as $JAVA_HOME.

You must have Firefox 1.5.x installed on your machine to take advantage of certain cryptographic modules that come bundled with that product. If you do not have Firefox installed, please download it from http://www.mozilla.com/firefox and install it.

1

As the symkey user, download the free JDK 5.0 – also known as J2SE5 - from Sun's website and store it in a temporary directory.

2

If you are in a country where it is available, download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0 from the same website. If you cannot download this file, you will not be able to use any symmetric key above 128-bits.

3

Install the JDK by executing the downloaded binary file using

./jdk-1_5_0_07-linux-i586.bin

If the file is not executable, change its mode using the following;

chmod 755 jdk-1_5_0_07-linux-i586.bin

Extract the contents of the downloaded binary file in the temporary directory where you downloaded it by executing the file, as follows:

./jdk-1_5_0_07-linux-i586.bin

Move the contents of the extracted JDK into /usr/local as follows:

mv jdk1.5.0_07 /usr/local

4

Unzip the jce_policy-1_5_0.zip file using the following:

unzip jce_policy-1_5_0.zip

5

Copy the two jar files from the extracted jce directory (local_policy.jar and US_export_policy.jar) to $JDK_HOME/jre/lib/security, as follows:

mv jce/*.jar $JAVA_HOME/jre/lib/security

6

Finally, edit the java.security file in $JAVA_HOME/jre/lib/security and add the following line in the section of JCE providers (the line to add is in red color; you should already have six JCE providers in the default JDK installation):

#
# List of providers and their preference orders (see above):
#
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=sun.security.pkcs11.SunPKCS11 /usr/local/etc/symkey/pkcs11/jdk5-nss-linux.cfg

Bear in mind that each provider is on a separate line, and that the line for provider #7 is really one, unbroken line. To avoid typographical errors, please copy the red line and paste it into your java.security file.

7

Display the /usr/local/etc/symkey/pkcs11/jdk5-nss-linux.cfg file and review its contents. One of the lines in there states:

library = /usr/lib/libsoftokn3.so

8

Verify that you do have such a file in that location on your machine. If it is not, locate the libsoftokn3.so file using:

locate libsoftokn3.so

If the output indicates that it found a copy, and if it is not in the default location specified above, then update the jdk5-nss-linux.cfg file to reflect the actual location of this library.

If the output indicates that it did not find the library, then it probably does not exist because Firefox is not installed on your machine. In this case, please install Firefox 1.5.x first, and continue from step #7 above. You can get Firefox for free at http://www.mozilla.com/firefox.

If the library is available in the location specified by the library parameter in the jdk5-nss-linux.cfg file, then it is OK.

9

At this point, you have successfully installed the JDK.