Difference between revisions of "Java encryption key - setting unlimited length"

From Fusion Registry Wiki
Jump to navigation Jump to search
(4. Set crypto.policy to unlimited in java.security)
Line 16: Line 16:
 
Edit the java.security file and search for an entry like:
 
Edit the java.security file and search for an entry like:
 
  #crypto.policy=unlimited
 
  #crypto.policy=unlimited
Uncomment this line by removing the # and save the file.
+
Uncomment this line by removing the #
 
  crypto.policy=unlimited
 
  crypto.policy=unlimited
 +
Save the file

Revision as of 02:15, 13 October 2020

Releases of the Oracle Java Runtime Environment (JRE) prior to 1.8.0_151 require a change to their default security policy configuration to support the 256-bit AES encryption used by the Fusion products for sensitive data.

If an Encryption Failed - Illegal key size or default parameters error is reported, change to a different Java implementation such as Amazon Corretto 8, or follow the procedure below to modify the Oracle Java security policy to support encryption keys of unlimited length.

IllegalKeySizeError.PNG

Procedure

1. Shutdown the Java web application server - e.g. Tomcat

2. In JAVA_HOME, search for the file java.security

JAVA_HOME is the directory where the Java software is installed. A typical directory tree is shown below:

JavaHomeSecurity.PNG

3. Find the java.security file

It should be under the jre/lib/security directory

4. Set crypto.policy to unlimited in java.security

Edit the java.security file and search for an entry like:

#crypto.policy=unlimited

Uncomment this line by removing the #

crypto.policy=unlimited

Save the file