Encryption changes in 9.5/8.0.9 and issues with passwords

What Happened?

In Yellowfin 9.5 and 8.0.9 the cryptography algorithm used to encrypt passwords has been upgraded. This was done to provide you with a greater assurance in your data's safety, however some older versions of java will not work with these new security standards.

How do I know if I am affected by this?

Check the version of Java used by Yellowfin, if you are using Java 8 on a build lower than 1.8.0_251 then you will experience issues when trying to either:

  • Update a password field on an existing Datasource, SMTP Connection, LDAP Bind User
  • Creating a new Datasource, setting up and SMTP Connection or LDAP connection for the first time

To check your Java version, please go to Administration->System Information and review the Java Version property in the System Information section at the top of the page, similar to the example below:

For more details on the System Information page check out our wiki here.

What do I need to do?

There are two paths forward for this:

  1. Upgrade to a later Java release
  2. Upgrade the security components of your current Java

Upgrading to a later Java release

This would be the most robust option. 

If you are on Windows, please download a newer version of Java (from Oracle, AdoptOpenJDK, or another provider) and install it as per their instructions. 

If you are on linux, please ensure your system has the most recent packages from your repo. Alternatively, install a newer version of java.

You will need to update some Yellowfin configurations to point to the new java version. This article will guide you on this process.

Upgrade the security components of your current Java

To upgrade only the required security components, please complete the following:

  1. Shut down Yellowfin
  2. Take a copy of your current Java security folder. This will be found in you Java install directory under /lib/security (eg C:\Program Files\Java\jre-1.8.0_144\lib\security).
  3. Download the jce-policy from this link (Oracle account is required).
  4. Extract the zip file and copy the two jar files into your Java security directory (replacing the existing files).
  5. Start Yellowfin

Where can I learn more?

A full list of changes for Yellowfin 9.5 can be found in our wiki here.

Is this article helpful?
1 0 0