Installation GuidesSiteMinder Agent for JBoss GuideInstall the SiteMinder Agent › Configure the JVM to Use the JSafeJCE Security Provider

Previous Topic: Install the SiteMinder Agent Using the Unattended Installer on UNIX

Next Topic: How to Configure the Agent and Register A System as a Trusted Host on Windows

Configure the JVM to Use the JSafeJCE Security Provider

The SOA Agent XML encryption function requires that the JVM is configured to use the JSafeJCE security provider.

To configure the SOA Agent to use the JSafeJCE security provider

  1. Add a security provider entry for JSafeJCE (com.rsa.jsafe.provider.JsafeJCE) to the java.security file located in the following location:
    JVM_HOME

    Is the installed location of the JVM used by the application server.

    In the following example, the JSafeJCE security provider entry has been added as the second security provider:

    security.provider.1=sun.security.provider.Sun
security.provider.2=com.rsa.jsafe.provider.JsafeJCE
security.provider.3=sun.security.rsa.SunRsaSign
security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider

    Note: If using the IBM JRE, always configure the JSafeJCE security provider immediately after (that is with a security provider number one higher than) the IBMJCE security provider (com.ibm.crypto.provider.IBMJCE)

  2. Add the following line to JVM_HOME\lib\security\java.security (Windows) or JVM_HOME/lib/security/java.security (UNIX) to set the initial FIPS mode of the JsafeJCE security provider: 
    com.rsa.cryptoj.fips140initialmode=NON_FIPS140_MODE

    Note: The initial FIPS mode does not affect the final FIPS mode you select for the SOA Agent.