• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to specify (security) configuration directives in java

 
Ravi Danum
Ranch Hand
Posts: 122
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

I want to use the NSS (Network Security Services) libraries with java JCA.

I have found on the Oracle website at:

http://docs.oracle.com/javase/6/docs/technotes/guides/security/p11guide.html#NSS

that NSS specific configuration directives must be set.

An example of this is shown below:

NSS as a FIPS 140 compliant crypto token:

name = NSSfips
nssLibraryDirectory = /opt/tests/nss/lib
nssSecmodDirectory = /opt/tests/nss/fipsdb
nssModule = fips

My question is: how are these configuration directives specified...in a properties file, or in the code?

I haven't used configuration directives before in java.

Any help is appreciated.

Thanks.

-ravi

 
Ravi Danum
Ranch Hand
Posts: 122
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Hello,

I think I found the answer at the following link:

http://java.sun.com/developer/technicalArticles/J2SE/security/

The instructions are as follows:

Just like other providers, a PKCS#11 provider can be installed dynamically at runtime or statically in the Java technology security properties file, $JAVA_HOME/lib/security/java.security. You can use the following code to programmatically create and install the PKCS#11 provider at runtime:

String configFileName = "/opt/foo/sunpkcs11-Foo.cfg";

Provider myPKCS11Prov =
new sun.security.pkcs11.SunPKCS11(configFileName);
Security.insertProviderAt(myPKCS11Prov, 1);



To statically install the PKCS#11 provider, add the following provider preference entry to the Java technology security properties file:

security.provider.1=sun.security.pkcs11.SunPKCS11 \
/opt/foo/sunpkcs11-Foo.cfg



-ravi
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic