Installing CT-V as .Net APIs

This topic lets you install CT-V as the .Net API.

Prerequisites

The prerequisites of installing .Net based CT-V are:

• Before you use the installer file, the .Net Framework and Java must already be installed, and you must create a Token Vault.

• If CT-V is already installed, the first run of installer deletes it. Use the installer again and you are given a choice of installing either traditional CT-V or the CT-V WebService. The new installed version includes all build and sample files.

  Note

  • Before installing .Net based CT-V 8.12.3, uninstall CT-V 8.4.0 or any lower version manually, if already installed; else the installation will fail.

  • .Net versions below 4.0 are not supported.

• Make sure that you set up the JAVA_HOME variable to <Java Install Directory>/jre as a system variable and add <JAVA_HOME/jre/bin/server> (for Java 10/11/17, <JAVA_HOME/bin/server>) to system path variable.

• Set the JAVA_HOME variable to the location of your JVM. The JVM version must be 7 (minimum 1.7.0_121), 8 (minimum 1.8.0_111), 10, 11, or 17. When using JRE, the jar and properties files will be placed in <JAVA_HOME/lib/ext>. On using JDK, the jar and properties files are placed in <JAVA_HOME/jre/lib/ext>. For Java 10/11/17, the jar and properties files are placed in the default location <C:\Program Files\SafeNet>. Make sure that the location is part of your CLASSPATH.

• Download the encryption policy files for unlimited strength ciphers (US_export_policy.jar and local_policy.jar) and install them in <JAVA_HOME/lib/security>. You need these to use AES-256 keys.

  For Sun/Oracle Java, download corresponding version of the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from: https://www.oracle.com/technetwork/java/javase/downloads/index.html

  Note

  For Java 10, 11, and 17, the encryption policy files are not required to be installed separately.

• The KeySecure Classic allows the clients to perform key and policy configuration operations. Make sure that the Allow Key and Policy Configuration Operations field is enabled on the Cryptographic Key Server Properties section on the Cryptographic Key Server Configuration page (Navigate to Device >> Key Server. Select NAE-XML.)

• Remove any earlier versions of the CADP JCE Provider (IngrianNAE-x.x.x.jar) from <JAVA_HOME/lib/ext> or <JAVA_HOME/jre/lib/ext>. Any existing older version of the IngrianNAE jar file can abort the installation process immediately with an error.

• You cannot simply rename the old jar file. It must be deleted or moved to a directory other than JAVA_HOME; otherwise, the JVM will still find it, even if it has a file name that does not end in .jar.

• Create a backup of any existing IngrianNAE.properties file. The installer copies your previous settings to the new properties file, but any embedded comments can be lost. Keeping a copy of your old properties file helps you if troubleshooting is necessary.

• Have access to a database user account with the following permissions:

  • CREATE TABLE

  • SELECT on the token vault table

  • INSERT on the token vault table

  • DELETE on the token vault table

  • UPDATE on the token vault table

• If you have multiple instances or versions of Java on your machine, ensure that the following are true before testing the CT-V:

  • The CLASSPATH variable lists the JDK/JRE instance that holds the CT-V files. If the CLASSPATH variable includes multiple JDKs or JREs, the instance used by the CT-V must be listed before the others.

  • If the CADP JCE is not installed in JAVA_HOME/lib/ext, the CLASSPATH variable includes the IngrianNAE- 8.12.2.000.jar file included in this software.

  • No other java bin directories occur before the system32 directory in the PATH variable.

  • The first instance of java.exe file included in the PATH variable is the same as the java.exe included in JAVA_HOME/bin.

• Create CT-V .Net environment in Windows 2012 R2, user is required to perform the following steps:

  • Install Microsoft Visual C++ 2010x64 redistributable.

  • Configure JAVA_HOME System variable (Example JAVA_HOME = C:/Program Files/Java/jdk1.8.0_66).

  • Add JAVA_HOME/jre/bin/server to Path System variable (Example Path = C:/Program Files/Java/ jdk1.8.0_66/jre/bin/server).

  • Install CT-V (.Net/Web Services) and Run Sample.

• Create NAE user on Key Manager.

• Create Versioned AES-256 key and non-versioned HmacSHA256 key on Key Manager.

• Create Token vault using either KeySecure Classic UI or API.

Extracting the Package

• Navigate to the directory where you have downloaded the CT-V deliverable.

• Unzip the software file using any standard archive utility. The software adheres to the following naming convention:

  Part Number - Product Name - Product Version Number - File Format

  For example, 610-000671-002_CipherTrustVaultedTokenization-8.12.3.000-xxx.zip

When the CT-V package is extracted, a directory structure is created. Refer to "CipherTrust Vaulted Tokenization Package Details" for details.

CT-V Installation as .Net API

CT-V provides .Net Developers with an InstallShield Wizard to simplify the installation process. Perform the following steps to install CT-V as .Net API:

1. Run the SafeNetTokenization.exe file in Administrative mode from location <SafeNetTokenization-8.12.3.000-xxx\SafeNetTokenization\Tokenization\dotNet\x64 (or x86)>.

2. Click Next.

   

3. Select I accept the terms in the license agreement and click Next.

   

4. Select the CipherTrust Vaulted Tokenization option to install .Net API and click Next.

   

5. The default installation directory is C:\Program Files\SafeNet\. To change the default installation directory, click Change, else, click Next.

   

6. Click Install on the Ready to Install the Program screen.

   

   The CipherTrust Vaulted Tokenization (CT-V) Installer screen is displayed on the console.

   

   Here, perform these steps:

   1. Enter Yes to install the CipherTrust Vaulted Tokenization.

   2. Enter Yes to install the CADP JCE Provider in the JAVA_HOME\ext directory. Enter No if Java is installed in different location.

      Note

      For Java 10, 11, and 17, the prompt to install the CADP JCE Provider is not there. It gets installed in the default location C:\Program Files\SafeNet.

      

      The installer lists the properties that are used by CADP JCE to connect to Key Manager.

      If using IPV6 address, specify it in curly braces, for example, {2002:0dc8:85k3:0000:0000:9a2e:0370:5221}.

      Note

      A combination of IPv4 and IPv6 addresses can be specified, provided, they are separated by colons(:) and each IPv6 address must be enclosed within {}. IPv6 is supported only for CipherTrust Manager.

   3. Enter Yes and All to update the properties. Enter No to continue with the existing properties.

      The installer lists the properties that are used by CT-V to connect to the database.

      

   4. Enter Yes to update the properties. Enter No to continue with the existing properties.

      Note

      If Informix is specified in DatabaseType then Informix server name is to be provided for InformixServerName parameter.

   5. The installer prompts you to Run the CipherTrust Vaulted Tokenization Upgrade. Enter Yes to upgrade. In case of fresh installation enter No.

   6. Enter NAE and Database credentials to verify CT-V installation.

      Note

      When installing CT-V for the Informix database for first time, user should skip this test.

   7. Enter Yes to show list of vaults.

   8. Enter token vault name to run the test or skip the test.

   9. The InstallShield Wizard Completed screen is displayed, click Finish to exit the wizard.

      

      Note

      The IngrianNAE.jar file appears under the location specified in JAVA_HOME/lib/ext folder. In case of Java 10, 11, and 17, it appears under C:\Program Files\SafeNet\.

CT-V provides the feature to install the application in silent mode, see Silent Installation.