This documentation supports the 19.02 version of Remedy Deployment.

To view the latest version, select the version from the Product version menu.

Installing encryption on non-BMC Remedy applications

This topic explains how to install Performance Security or Premium Security on third-party or user applications that use the BMC Remedy AR System API to communicate with AR System servers. Use the same procedure for both Microsoft Windows and LINUX.

To install encryption on non-BMC Remedy C-based applications

  1. Upgrade the application to use the BMC Remedy AR System application programming interface (API).
  2. Install either Performance Security or Premium Security on your AR System server.
  3. Exit or stop any application processes that are running.
  4. Copy the encryption libraries for the appropriate platform from the server installation directory to the folder containing the application's BMC Remedy AR System API file.

    PlatformEncryption library filesAR System API files
    Linux 32-bit libarencrypt.so
    libcrypto.so
    libar.a (archive)
    libar.so (shared library)
    Linux 64-bit libarencrypt_lx64.so
    libarcrypto_lx64.so
    libar_lx64.a (archive)
    libar_lx64.so (shared library)
    Microsoft Windows 32-bitarencrypt VerNum .dllarapi VerNum .dll
    Microsoft Windows 64-bitarencrypt VerNum .win64.dllarapi VerNum .win64.dll
  5. If the system prompts, restart the application.

To install encryption on non-BMC Remedy Java-based applications

  1. Stop the Tomcat Service on the machine on which your non-BMC Remedy application is installed.
  2. Navigate to the <JRE_HOME>/lib/security/ folder and perform the following steps to back up the existing Java files that are being used by the non-BMC Remedy application:
    1. Rename java.security to java.security.backup.
    2. Rename local_policy.jar to local_policy.jar.backup.
    3. Rename US_export_policy.jar to US_export_policy.jar.backup.
  3. From your BMC Remedy Mid Tier server that is already encryption enabled, copy the following files to your JRE folder on the non-BMC Remedy machine:
    • local_policy.jar
    • US_export_policy.jar
    • java.security
      • security.provider.14=com.rsa.jsafe.provider.JsafeJCE
      • com.rsa.cryptoj.fips140initialmode=FIPS140_MODE

    Note

    If you want FIPS mode, use both security.provider.14=com.rsa.jsafe.provider.JsafeJCE and com.rsa.cryptoj.fips140initialmode=FIPS140_MODE. However, if you do not want FIPS mode, use only security.provider.14=com.rsa.jsafe.provider.JsafeJCE.

  4. From the <JRE_HOME>/lib/ext/ folder, copy the following files to the  <JRE_HOME>/lib/ext/ folder on the non-BMC Remedy machine:

    • cryptojce.jar
    • cryptojcommon.jar
    • jcmFIPS.jar
  5. Start the Tomcat service on your non-BMC Remedy machine.
    You should now be able to log into your non-BMC Remedy application.
Was this page helpful? Yes No Submitting... Thank you

Comments