Install the Java Development Kit (JDK)

This topic provides details on how to install and configure the Java Development Kit (JDK).

Overview

Because the PPM Server is based on Java, the machine that hosts it must also host a Java Virtual Machine (JVM), which is part of the Java Development Kit (JDK). JDKs native to the operating systems supported by OpenText PPM are available from either Oracle or from the operating system vendor.

Note: You must install the complete JDK. The Java Runtime Environment (JRE) alone is not supported.

Back to top

Install the JDK

This section provides detailed steps of installing the JDK.

To install the JDK:

  1. Download the JDK for your operating system from Oracle or from your operating system vendor's Web site.

  2. Install the JDK according to the instructions provided by the vendor.

    Many operating systems require that you apply operating system-specific patches before you install the JDK. Make sure that you follow all instructions that the vendor provides.

    Some vendors provide custom installation packages that you can install automatically using a command such as pkgadd. Other vendors provide a TAR file that you must extract.

    Note: The directory path name must not contain spaces.

  3. Verify that your user name has the Java executable in its path by logging on and running the following the command:

    java -version

    This returns the Java version. If an error message is displayed, modify the path environment variable, as required.

  4. Verify that the JAVA_HOME environment variable is set correctly. If the path set for JAVA_HOME is not correct, set it to the correct value.

Back to top

(Optional) Configure JDK to use the unlimited strength Java Cryptography Jars

OpenText PPM supports control over the encryption suites used by its SSL (TLS) sockets. This can be specified by the server configuration parameter SSL_ENCRYPTION_SUITES.

The value for this parameter should contain a comma-separated list of the encryption suites to be made available to PPM Centre. These should be specified using the standard SSL/TLS cipher suite names.

For example, to specify that OpenText PPM should only establish connections using the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher suite:

com.kintana.core.server.SSL_ENCRYPTION_SUITES=TLS_DHE_RSA_WITH_AES_256_CBC_SHA

If using AES256 or similarly strong encryption, the JDK used by both OpenText PPM and the client must be configured to use the unlimited strength Java cryptography jars, if this is permissible in your jurisdiction and under US export laws.

Note: The SSL_ENCRYPTION_SUITES parameter only impacts the encryption algorithm used for RMIS traffic. There is no impact on HTTPS (SSL) encryption, nor on how the passwords and sensitive data are encrypted in OpenText PPM.

To configure your JDK to use the unlimited strength Java cryptography jars:

  1. Go to the Oracle Java Downloads web site.

  2. Download the unlimited strength Java cryptography jars that match your JDK version.

    For JDK 1.7.0, download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 (UnlimitedJCEPolicyJDK7.zip).

  3. Extract the downloaded zip package.

  4. Copy the local_policy.jar and US_export_policy.jar files to the <JDK_HOME>/jre/lib/security directory on both your server side and client side to replace the existing files.

    Note: If you enabled secure RMI and are using a high strength encryption suite, such as AES256, make sure to follow the steps above to install the unlimited jars on machines which will run workbench.

Back to top