Install Java Cryptography Extension (JCE) unlimited strength jurisdiction files to remove restrictions on cryptographic strength that can prevent users from successfully logging in to vCloud Director using vSphere Sign On.

About this task

Because of import control restrictions of some countries, the JCE policy files included in vCloud Director support an encryption strength that is insufficient for some applications, including the SAML identity provider.

Prerequisites

You must have superuser credentials for each cell.

Procedure

  1. Download the policy files for the version of Java installed on the cell. This release of vCloud Director uses Java version 8. You can download the Java Cryptography Extension unlimited strength jurisdiction files for Java 8 from http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html.
  2. For each cell in your installation, take the following steps, as documented in the vCloud Director Installation and Upgrade Guide:
    1. Use the cell management tool to quiesce the cell.
    2. Stop vCloud Director services on the cell.
    3. Locate the JRE policy files in the $VCLOUD_HOME/jre directory and replace them with the downloaded policy files, preserving the ownership and permissions of the replaced files.
    4. Re-start vCloud Director services on the cell.

What to do next

Repeat this procedure for all cells.