Installing the Java Cryptography Extension on QRadar
The Java™ Cryptography Extension (JCE) is a Java framework that is required for IBM® QRadar® to decrypt advanced cryptography algorithms for AES192 or AES256. The following information describes how to install Oracle JCE on your QRadar appliance.
Optional: If you are using QRadar 7.2x, 7.3.0, or 7.31, complete the following steps:
- Download the latest version of the Java
Cryptography Extension from the IBM website
The Java Cryptography Extension version must match the version of the Java that is installed on QRadar.
- Extract the JCE file. The following Java archive (JAR) files are included in the JCE download:
- Log in to your QRadar Console or QRadar Event Collector as a root user.
- Copy the JCE JAR files to the following directory on your QRadar
Console or Event Collector:
/store/configservices/staging/globalconfig/java_securityNote: The JCE JAR files are only copied to the system that receives the AES192 or AE256 encrypted files.
- Restart the QRadar services by typing one of the following commands:
- If you are using QRadar 7.2.x, type service ecs-ec restart.
- If you are using QRadar 7.3.0, type systemctl restart ecs-ec.service.
- If you are using QRadar 7.3.1, type systemctl restart ecs-ec-ingress.service.
- Download the latest version of the Java Cryptography Extension from the IBM website (https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=jcesdk).
- Optional: If you are using QRadar 7.4.3 Fix Pack 4 or
earlier, complete the Installing unrestricted SDK JCE policy files procedure
(https://www.ibm.com/docs/en/qsip/7.4?topic=authentication-installing-unrestricted-sdk-jce-policy-files). Important: If you are using QRadar 7.4.3 Fix Pack 5 or later, do not install these files.