Installing CT-V as .Net APIs
This topic lets you install CT-V as the .Net API.
Prerequisites
The prerequisites of installing .Net based CT-V are:
Before you use the installer file, the .Net Framework and Java must already be installed, and you must create a Token Vault.
If CT-V is already installed, the first run of installer deletes it. Use the installer again and you are given a choice of installing either traditional CT-V or the CT-V WebService. The new installed version includes all build and sample files.
Note
Before installing .Net based CT-V 8.12.4, uninstall CT-V 8.4.0 or any lower version manually, if already installed; else the installation will fail.
.Net versions below 4.0 are not supported.
Make sure that you set up the
JAVA_HOME
variable to<Java Install Directory>/jre
as a system variable and add<JAVA_HOME/jre/bin/server>
(for Java 10/11/17,<JAVA_HOME/bin/server>
) to system path variable.Set the
JAVA_HOME
variable to the location of your JVM. The JVM version must be 8 (minimum 1.8.0_111), 10, 11, or 17. When using JRE, the jar and properties files will be placed in<JAVA_HOME/lib/ext>
. On using JDK, the jar and properties files are placed in<JAVA_HOME/jre/lib/ext>
. For Java 10/11/17, the jar and properties files are placed in the default location<C:\Program Files\SafeNet>
. Make sure that the location is part of your CLASSPATH.Download the encryption policy files for unlimited strength ciphers (US_export_policy.jar and local_policy.jar) and install them in
<JAVA_HOME/lib/security>
. You need these to use AES-256 keys.For Sun/Oracle Java, download corresponding version of the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from: https://www.oracle.com/technetwork/java/javase/downloads/index.html
Note
For Java 10, 11, and 17, the encryption policy files are not required to be installed separately.
The KeySecure Classic allows the clients to perform key and policy configuration operations. Make sure that the Allow Key and Policy Configuration Operations field is enabled on the Cryptographic Key Server Properties section on the Cryptographic Key Server Configuration page (Navigate to Device >> Key Server. Select NAE-XML.)
Remove any earlier versions of the CADP JCE Provider (IngrianNAE-x.x.x.jar) from
<JAVA_HOME/lib/ext>
or<JAVA_HOME/jre/lib/ext>
. Any existing older version of the IngrianNAE jar file can abort the installation process immediately with an error.You cannot simply rename the old jar file. It must be deleted or moved to a directory other than
JAVA_HOME
; otherwise, the JVM will still find it, even if it has a file name that does not end in .jar.Create a backup of any existing
IngrianNAE.properties
file. The installer copies your previous settings to the new properties file, but any embedded comments can be lost. Keeping a copy of your old properties file helps you if troubleshooting is necessary.Have access to a database user account with the following permissions:
CREATE TABLE
SELECT on the token vault table
INSERT on the token vault table
DELETE on the token vault table
UPDATE on the token vault table
If you have multiple instances or versions of Java on your machine, ensure that the following are true before testing the CT-V:
The CLASSPATH variable lists the JDK/JRE instance that holds the CT-V files. If the CLASSPATH variable includes multiple JDKs or JREs, the instance used by the CT-V must be listed before the others.
If the CADP JCE is not installed in
JAVA_HOME/lib/ext
, the CLASSPATH variable includes the IngrianNAE- 8.12.2.000.jar file included in this software.No other java bin directories occur before the system32 directory in the PATH variable.
The first instance of
java.exe
file included in the PATH variable is the same as thejava.exe
included inJAVA_HOME/bin
.
Create CT-V .Net environment in Windows 2012 R2, user is required to perform the following steps:
Install Microsoft Visual C++ 2010x64 redistributable.
Configure JAVA_HOME System variable (Example JAVA_HOME = C:/Program Files/Java/jdk1.8.0_66).
Add JAVA_HOME/jre/bin/server to Path System variable (Example Path = C:/Program Files/Java/ jdk1.8.0_66/jre/bin/server).
Install CT-V (.Net/Web Services) and Run Sample.
Create NAE user on Key Manager.
Create Versioned AES-256 key and non-versioned HmacSHA256 key on Key Manager.
Create Token vault using either KeySecure Classic UI or API.
Extracting the Package
Navigate to the directory where you have downloaded the CT-V deliverable.
Unzip the software file using any standard archive utility. The software adheres to the following naming convention:
Part Number - Product Name - Product Version Number - File Format
For example,
610-000671-002_CipherTrustVaultedTokenization-8.12.4.000-xxx.zip
When the CT-V package is extracted, a directory structure is created. Refer to "CipherTrust Vaulted Tokenization Package Details" for details.
CT-V Installation as .Net API
CT-V provides .Net Developers with an InstallShield Wizard to simplify the installation process. Perform the following steps to install CT-V as .Net API:
Run the
SafeNetTokenization.exe
file in Administrative mode from location<SafeNetTokenization-8.12.4.000-xxx\SafeNetTokenization\Tokenization\dotNet\x64 (or x86)>
.Click Next.
Select I accept the terms in the license agreement and click Next.
Select the CipherTrust Vaulted Tokenization option to install .Net API and click Next.
The default installation directory is
C:\Program Files\SafeNet\
. To change the default installation directory, click Change, else, click Next.Click Install on the Ready to Install the Program screen.
The CipherTrust Vaulted Tokenization (CT-V) Installer screen is displayed on the console.
Here, perform these steps:
Enter Yes to install the CipherTrust Vaulted Tokenization.
Enter Yes to install the CADP JCE Provider in the JAVA_HOME\ext directory. Enter No if Java is installed in different location.
Note
For Java 10, 11, and 17, the prompt to install the CADP JCE Provider is not there. It gets installed in the default location C:\Program Files\SafeNet.
The installer lists the properties that are used by CADP JCE to connect to Key Manager.
If using IPV6 address, specify it in curly braces, for example, {2002:0dc8:85k3:0000:0000:9a2e:0370:5221}.
Note
A combination of IPv4 and IPv6 addresses can be specified, provided, they are separated by colons(:) and each IPv6 address must be enclosed within {}. IPv6 is supported only for CipherTrust Manager.
Enter Yes and All to update the properties. Enter No to continue with the existing properties.
The installer lists the properties that are used by CT-V to connect to the database.
Enter Yes to update the properties. Enter No to continue with the existing properties.
Note
If Informix is specified in DatabaseType then Informix server name is to be provided for InformixServerName parameter.
The installer prompts you to Run the CipherTrust Vaulted Tokenization Upgrade. Enter Yes to upgrade. In case of fresh installation enter No.
Enter NAE and Database credentials to verify CT-V installation.
Note
When installing CT-V for the Informix database for first time, user should skip this test.
Enter Yes to show list of vaults.
Enter token vault name to run the test or skip the test.
The InstallShield Wizard Completed screen is displayed, click Finish to exit the wizard.
Note
The IngrianNAE.jar file appears under the location specified in
JAVA_HOME/lib/ext
folder. In case of Java 10, 11, and 17, it appears underC:\Program Files\SafeNet\
.
CT-V provides the feature to install the application in silent mode, see Silent Installation.