Environment
Novell iManager 2.7
Situation
The following error is received when trying to import a keytab file that contains AES256 bit encryption key using the Kerberos Management Plug-in.
ImportKey Failed: Verify the PrincipalName: The Name given should be same as
the pricipal name in the key & make sure you are giving the valid Keyfile path
Resolution
The reason the import is not working with keytabs that contain AES 256 keys is that
AES256 is not enabled in JRE. Please download and install the "Java
Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy
Files" from http://java.sun.com/javase/downloads/index_jdk5.jsp. Use the following steps to extract the contents of the jce_policy-1_5_0.zip to JDK lib that iManager is using:
1) Stop Tomcat
2) Extract jce_policy-1_5_0.zip to the JDK library that iManager is using.
3) Restart Tomcat
1) Stop Tomcat
2) Extract jce_policy-1_5_0.zip to the JDK library that iManager is using.
a. /opt/novell/jdk1.6.0_13/jre/lib/security for iManager Server
b. <iManager Mobile Unpack Area>/imanager/bin/linux/java/jre/lib/security for iManager mobile
b. <iManager Mobile Unpack Area>/imanager/bin/linux/java/jre/lib/security for iManager mobile
Additional Information
Make sure you are using the latest version the Kerberos Management iManager Plug-in.