Troubleshooting
Problem
Symptom
[WARNING] CAM-CRP-1632 The selected PDF Confidentiality algorithm is not permitted by the NIST SP 800-131A standard. You must change the selected algorithm to a stronger algorithm such as 'AES-256'. You might need to install the JRE's unlimited jurisdiction policy files to enable all of the supported algorithms. It is available from http://ibm.com
Cause
Diagnosing The Problem
Resolving The Problem
IBM Cognos Analytics is configured to support the NIST SP800-131a security standard. To be compliant with this security standard, you must use a JRE that also supports this standard.
If your JRE supports it, skip the download and set the values as described under Configuration.
Unrestricted SDK JCE policy files
Steps to follow if your version of JRE is not version 8
- Download the file unrestrictedpolicyfiles.zip
- Extract the files from zip
- Go to <cognos_installation>\jre\lib\security
- Back up the local_policy.jar and US_export_policy.jar files
-
Place the new files from the unrestricted folder from the policy file download into this directory, replacing the existing ones.
A new value will display for the field "PDF Confidentiality Algorithm - Advanced encryption standard with Cipher Block Chaining (CBC) mode 256-bit key". Please change the PDF Confidentiality Algorithm as well as the Confidentiality Algorithm to this field.
Note that you may need to right-click on 'Supported cipher suites' and select "Reset to Default" in order to pull in the new ciphers. If not, you may require to select the drop-down option for each attribute to explicitly choose the correct value.
Related Information
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
05 April 2023
UID
ibm10884902