Installing Java LiveUpdate (JLU) Manually
after Symantec Mail Security for Domino (SMSDOM) has been installed
Larry Wall
Sr. Principle Software Support Engineer
Installing Java LiveUpdate (JLU) Manually after SMSDOM
1
We Will Cover The Following Topics
1
Introduction
2
Downloading/Installing Java
3
Downloading/Installing Java Crypto Extensions (JCE)
4
Install Java LiveUpdate (JLU)
5
Replace the liveupdate.conf file
6
Replace the Product.Catalog.JavaLiveUpdate file
7
Problems you may encounter
Installing Java LiveUpdate (JLU) Manually after SMSDOM
2
Introduction
• You may be installing JLU after SMSDOM because
– When SMSDOM was originally installed Java/JCE was not installed
– Definitions were originally coming from another Symantec product like
SEP but this is no longer the case
– During the installation you forgot to check to install LiveUpdate
• The basics to installing Java LiveUpdate are
– Install Java
– Install Java Cryptography Extensions (JCE)
– Install Java LiveUpdate (JLU)
Installing Java LiveUpdate (JLU) Manually after SMSDOM
3
While this presentation is specifically tailored for installing JLU
after SMSDOM, the same steps with some minor modifications can be
done to work with other products.
Your paths could be different depending on OS version and bit
version. It is more confusing when on a 64bit machine because 64bit
and 32bit applications can both run. Minimally you need the same bit
version of Java to match the bit version of SMSDOM. But you can
simplify this by just installing both 32bit and 64bit versions of Java.
Also, the Product.Catalog.JavaLiveUpdate file may need to be
changed. It needs to contain the correct moniker and product name in
order to download the proper definitions.
Lastly, the steps listed are specifically for Windows. JLU works
across different types of operating systems because it is a Java program.
But the basics are still the same, install java, java cryptography
extensions (if required), install Java LiveUpdate, and then make sure the
configuration files are okay. As of this writing JCE is not needed on AIX
for example because the program will not try to encrypt/decrypt the
liveupdate.conf file.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
4
Download Java JRE and JCE
The newer versions of JLU require Java 5 (also called 1.5) or higher. You
can download this from java.com but because you may also need to download JCE
a better location http://www.oracle.com/technetwork/java/javase/downloads/index.html.
You want to download the JRE (need runtime environment minimally) and then
down near the bottom you will see the Java Cryptography Extension (JCE)
Unlimited Strength Jurisdiction Policy Files.
• Note
There is only one JCE package for each major version of Java. For
example, JCE 6 will work for all builds of Java 6 including 32bit and 64bit versions as
well.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
5
Installing Java JRE
When installing Java JRE just accept the default settings.
Depending on bit version and the OS version will depend on
where the files have installed to. Typically you will find 32bit Java
installed to C:\Program Files\Java and 64bit to C:\Program File
(x86)\Java.
– You can install both 32bit and 64bit versions of Java if you like on a 64bit
OS. This is a good idea to do if you are testing both bit versions on one
machine or you just have a combination of 32bit and 64bit applications
that require Java.
– After installing you should be able to go to DOS prompt and run java
commands. If you type “java –version” it should return version
information for the first found version of java.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
6
Installing Java JCE
Installing Java JCE is easy. You just open the zip file, go
into jce folder, and copy the two jar files (US_export_policy.jar &
local_policy.jar) to the proper location. The files can be used for
both 32bit and 64bit Java but the versions must match. So JCE 6
jar files must be used for Java 6 (32bit or 64bit).
– If Java is installed to C:\Program Files\Java go to C:\Program
Files\Java\jre\lib\security and put both jar files there.
– If Java is installed to C:\Program Files (x86)\Java go to C:\Program Files
(x86)\Java\jre\lib\security and put both jar files there.
– Also, if Java is installed to both of those locations you should just go
ahead and apply the two JCE jar files to both locations to keep from
having one that works and one that doesn’t which could be confusing.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
7
Installing Java LiveUpdate
• If you installed SMSDOM from a self uncompressing, self
executing file then this would have to be uncompressed first so
that you have access to the data1.cab file. For example,
Symantec_Mail_Security_Domino_8.0.9.151_Win64_IN.exe. If
your installation package is already uncompressed go to the
next slide.
1.
2.
3.
4.
5.
6.
Create a folder called uncompressed on your desktop
Doubled click to execute the program
Press OK to when window pops up saying “This program installs Mail
Security x.x for Domino.”
In the next window Browse to and select your uncompressed folder and
then uncheck “When done unzipping open: Setup.exe.” This way it
uncompresses to your folder but does not try to install SMDOM.
Next Close the installer.
Goto your uncompressed folder.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
8
Note: If you uncompressed the 64bit version of SMSDOM, go to uncompressed folder and
then double click the Data1.cab file to open it so that you can access the files inside. If you had
uncompressed the 32bit version of SMSDOM, you will see two folders called SMSDOM and
SMSDOM-x64 and this may be confusing. The SMSDOM-x64 is still 32bit compilation but was
specifically compiled as a 32bit application to run on a 64bit OS. You can choose either folder
to go into because the jlu.jar file we are looking for is the same in both folders. Once in that
folder open the Data1.cab file by double clicking it.
7.
Copy the jlu.jar.54E561A0_BE49_4E56_B71C_FC93C7BAF85D to your
desktop. The numbers and letters after as part of the file name after
jlu.jar may be different.
8.
Rename the file to just jlu.jar
9.
Now copy jlu.jar to the root of your C:\ drive.
10. Bring up a Command Window to enter DOS commands and go to the
root by typing “cd \” and pressing enter.
11. Type “java -classpath jlu.jar Installer” and press enter. JLU should
install.
12. Can now delete the jlu.jar file by typing “del jlu.jar” and press enter.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
9
Replace liveupdate.conf file
Some important notes about the liveupdate.conf file and JLU.
• More than likely if you have been running without JLU then there is a possibility that your
liveupdate.conf file is incomplete, empty, or just plane 0 bytes in size.
• Newer versions of SMSDOM will try to encrypt the liveupdate.conf file after installing and
so if JCE is not installed prior, the liveupdate file could be 0 bytes in size right from the
start.
• JLU can open and understand a readable text or encrypted version of liveupdate.conf file.
So if you want to test a proxy setting keep a text version of this file, add the settings, then
copy this over to the one used by JLU.
• Most of the generic settings like host/0, host/1,host/2, workdir, and logging are built into
JLU. If they do not exist in the liveupdate.conf file then the defaults are used. For this
reason a 0 byte liveupdate.conf file will not prevent JLU from trying to run with the
defaults.
• If JCE is not present the liveupdate.conf file will become 0 bytes in size after JLU runs. This
is because after JLU has determined its settings and has run it will then pass the settings to
JCE for encryption. If JCE is not present Java will return 0 bytes of encrypted data. And
then we overwrite the file with 0 bytes.
Example problem – customer puts proxy settings in so that LiveUpdate works. They report it works
one time and then no longer works. What happened was that they added their own
liveupdate.conf file with the proxy settings and because JCE did not exist here is what happened.
First JLU reads the settings, including the proxy settings in and works. But after running, JLU sends
the settings to Java to be encrypted. JCE does not exist and so liveupdate.conf file becomes 0
bytes.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
10
Default liveupdate.conf file for OSs older than Windows 2008 Server.
############################################################
#
#
# livepdate.conf - Symantec LiveUpdate configuration file
#
#
#
# This file is used to configure the settings used by
#
# LiveUpdate
#
#
#
############################################################
hosts/0/url=http://liveupdate.symantecliveupdate.com:80
hosts/1/url=http://liveupdate.symantec.com:80
hosts/2/login:ENC=b3effdd10d982d2c7339c9604c67c34c
hosts/2/password:ENC=18d2e2d4c1445548f8a5ef124ed20bfd
hosts/2/url=ftp://update.symantec.com/opt/content/onramp
logfile=C:\Documents and Settings\All Users\Application Data\Symantec\Java LiveUpdate\liveupdt.log
workdir=C:\Documents and Settings\All Users\Application Data\Symantec\Java LiveUpdate\Downloads
serverlogging=true
cacheMode=false
Installing Java LiveUpdate (JLU) Manually after SMSDOM
11
Default liveupdate.conf file for Windows 2008 Server and Newer.
############################################################
#
#
# livepdate.conf - Symantec LiveUpdate configuration file
#
#
#
# This file is used to configure the settings used by
#
# LiveUpdate
#
#
#
############################################################
hosts/0/url=http://liveupdate.symantecliveupdate.com:80
hosts/1/url=http://liveupdate.symantec.com:80
hosts/2/login:ENC=b3effdd10d982d2c7339c9604c67c34c
hosts/2/password:ENC=18d2e2d4c1445548f8a5ef124ed20bfd
hosts/2/url=ftp://update.symantec.com/opt/content/onramp
logfile=C:\ProgramData\Symantec\Java LiveUpdate\liveupdate.conf
workdir=C:\ProgramData\Symantec\Java LiveUpdate\Downloads
serverlogging=true
cacheMode=false
Installing Java LiveUpdate (JLU) Manually after SMSDOM
12
You can go ahead and copy the liveupdate.conf file from one of the
last couple slides and use this as your default liveupdate.conf file. You can
then modified as needed in the future. You do need to make sure the paths
are correct for the workdir and logging parameters.
The settings in the liveupdate.conf file are also case sensitive. So the
cacheMode line must have that M capitalized or else it will not work. If
cacheMode equals false JLU will remove cache files when it is done. This will
help prevent running out of disk space.
If you use a text based liveupdate.conf file and then run JLU the file
will become encrypted. Once encrypted you can either overwrite this with
another text based copy or you can use the ConfigEditor parameter to bring up
a GUI for making changes. To run this editor find where jlu.jar installed itself
to. Could be one of the following paths:
C:\Program Files\Common Files\Symantec Shared\Java LiveUpdate
C:\Program Files (x86)\Common Files\Symantec Shared\Java LiveUpdate
Go to this folder with command window DOS prompt and then run the
following command:
java -classpath jlu.jar ConfigEditor
If this does not work you may have to type the whole Java path inside of
quotes like this for example:
“C:\Program Files (x86)\Java\jre\bin\java.exe” -classpath jlu.jar ConfigEditor
Installing Java LiveUpdate (JLU) Manually after SMSDOM
13
Replace Product.Catalog.JavaLiveUpdate file
Some important notes about the Product.Catalog.JavaLiveUpdate file and JLU.
• This file is located where you would find the liveupdate.conf file. On servers older
than Windows 2008 it would be:
%AllUsersProfile%\Application Data\Symantec\Java LiveUpdate
And for Windows 2008 and newer it would be:
%AllUsersProfile%\Symantec\Java LiveUpdate
• There is a possibility that this file is 0 bytes in size. This can happen if someone tried
to run LiveUpdate and it was not installed.
• JLU will look at this file first to see if liveupdate is needed to run. If you run
LiveUpdate now and new defs come in and then turn around and run LiveUpdate
again, JLU will be able to quickly determine this is not needed. We have seen weird
scenarios where JLU failed to download new definitions but still updated this file.
And so when you then try to test LiveUpdate again it just says you have the latest
defs. If you experience this just replace the file with a default copy.
• If you keep a copy of the file just remember that the moniker and product listed in
the file is different for 32 and 64bit versions. These are also different for other
products as well. If you use the 32bit version on 64bit SMSDOM it will cause an
initialization failure because the 64bit files will not be there like expected.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
14
Default Product.Catalog.JavaLiveUpdate file
for 32bit SMSDOM on Windows
[{6B9B12D6-93E0-460e-BF4E-0A7251925D80}]
MONIKER={6B9B12D6-93E0-460e-BF4E-0A7251925D80}
PRODUCTNAME=SMSDOM Windows Virus Definitions
PRODUCT=SMSDOM Windows Virus Definitions
VERSION=8.0
LANGUAGE=English
SEQ.VirusDef=0
[{C498C4FD-B2DE-4415-BE68-5CA2BD9D113F}]
MONIKER={C498C4FD-B2DE-4415-BE68-5CA2BD9D113F}
PRODUCTNAME=SMSDOM VSP
PRODUCT=SMSDOM VSP
VERSION=2.0
LANGUAGE=SymAllLanguages
SEQ.VSP=0
Installing Java LiveUpdate (JLU) Manually after SMSDOM
15
Default Product.Catalog.JavaLiveUpdate file
for 64bit SMSDOM on Windows
[{17199101-194A-4883-85F9-B6FA33381C03}]
MONIKER={17199101-194A-4883-85F9-B6FA33381C03}
PRODUCTNAME=SMSDOM Windows64 Virus Definitions
PRODUCT=SMSDOM Windows64 Virus Definitions
VERSION=8.0
LANGUAGE=English
SEQ.VirusDef=0
[{C498C4FD-B2DE-4415-BE68-5CA2BD9D113F}]
MONIKER={C498C4FD-B2DE-4415-BE68-5CA2BD9D113F}
PRODUCTNAME=SMSDOM VSP
PRODUCT=SMSDOM VSP
VERSION=2.0
LANGUAGE=SymAllLanguages
SEQ.VSP=0
Installing Java LiveUpdate (JLU) Manually after SMSDOM
16
Default Product.Catalog.JavaLiveUpdate file
for 32bit SMSDOM on AIX
[{5C5CD07E-2B50-4a23-A410-F3A935AB5920}]
MONIKER={5C5CD07E-2B50-4a23-A410-F3A935AB5920}
PRODUCTNAME=SMSDOM AIX Virus Definitions
PRODUCT=SMSDOM AIX Virus Definitions
VERSION=8.0
LANGUAGE=English
SEQ.VirusDef=0
[{A7F40636-A387-49da-8C21-8CDAC9FB79B9}]
MONIKER={A7F40636-A387-49da-8C21-8CDAC9FB79B9}
PRODUCTNAME=SMSDOM VSP
PRODUCT=SMSDOM VSP
VERSION=2.0
LANGUAGE=SymAllLanguages
SEQ.VSP=0
Installing Java LiveUpdate (JLU) Manually after SMSDOM
17
Default Product.Catalog.JavaLiveUpdate file
for 64bit SMSDOM on AIX
[{5C5CD07E-2B50-4a23-A410-F3A935AB5920}]
MONIKER={5C5CD07E-2B50-4a23-A410-F3A935AB5920}
PRODUCTNAME=SMSDOM AIX64 Virus Definitions
PRODUCT=SMSDOM AIX64 Virus Definitions
VERSION=8.0
LANGUAGE=English
SEQ.VirusDef=0
[{A7F40636-A387-49da-8C21-8CDAC9FB79B9}]
MONIKER={A7F40636-A387-49da-8C21-8CDAC9FB79B9}
PRODUCTNAME=SMSDOM VSP
PRODUCT=SMSDOM VSP
VERSION=2.0
LANGUAGE=SymAllLanguages
SEQ.VSP=0
Installing Java LiveUpdate (JLU) Manually after SMSDOM
18
Problems you may encounter
• Product.Catalog.JavaLiveUpdate is 0 bytes in size. This can happen if someone tries
to run LiveUpdate and LiveUpdate was not installed. Replace file with correct default
to correct issue.
• When running LiveUpdate it returns quickly with status saying you already have the
latest definitions. Product.Catalog.JavaLiveUpdate may have been updated even
though JLU failed. Replace file with correct default and look at the last logs in the
livupdt.log to figure out and fix issue with JLU then try running LiveUdpate again.
• liveupdate.conf file is 0 bytes in size. JCE is not installed. Install JCE, replace
liveupdate.conf file with default plus any additional changes, and then try LiveUpdate
again.
• After new definitions have downloaded SMSDOM fails saying SMSDOM ERROR:
Unable to initialize SMSDOM engine. on the Domino console. Either bad set of
definitions or you have incorrect Product.Catalog.JavaLiveUpate file that caused JLU
to get wrong definitions. When this causes nntask to fail it can also cause mail to
backup as dead with our dead failure reason.
• If when you run LiveUpdate from the GUI and see the error Could not locate
installation directory then SMSDOM cannot find Java. This could be related to
multiple versions of Java installed or bad registry settings. You can add the SAVJava=
line to your notes.ini to inform SMSDOM which folder java.exe is located. The path
must end with a backslash (\). On 64bit Windows it may be something like this:
SAVJava=C:\Program Files\Java\jre6\bin\
Installing Java LiveUpdate (JLU) Manually after SMSDOM
19
Conclusion
There are a lot of variables that can make
installing and troubleshooting Java LiveUpdate seem like
a difficult task. But really when it comes to just
installing after a install of SMSDOM, you just need to
install java, jce, jlu, and replace the two configuration
files. If you have each of these already in front of you
and on the machine intended for this process can be
done in just a few minutes.
Essentially the same requirements are needed for
AIX without the need for JCE. But you do need good
running Java, JLU and configuration files.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
20
Thank you!
Larry Wall
Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Installing Java LiveUpdate (JLU) Manually after SMSDOM
21