Skip To Content

Managing data for S-63 encrypted datasets

In this topic

This topic describes how to best manage your S-63 encrypted datasets. The Maritime Chart Service supports both encrypted and unencrypted S-57 datasets within the same datasets folder. There is no technical restriction to set up separate map services.

Requesting USER_PERMIT.TXT from OEM

For the Maritime Chart Service to read S-63 encrypted datasets, the licensee of the Maritime Chart Service technology (data clients) must first request a user permit (USER_PERMIT.TXT) for each license of the Maritime Chart Service it plans to use for S-63 encrypted datasets.

To request a USER_PERMIT.TXT file, send an email to maritime@esri.com. Once your USER_PERMIT.TXT files are received, you will provide those permits to your data server, which will process the permit and provide the S-63 encrypted datasets.

Note:

You must tell your data server that Esri is the OEM so it can apply the correct manufacturer key to the encryption process.

Setting up your map service to support S-63

To load S-63 encrypted datasets, the following S-63 certificates and permits as well as your CATALOG.031 file must be located in certain folders.

  • IHO certificate (IHO.CRT)
  • User permit (USER_PERMIT.TXT)
  • Cell permit (PERMIT.TXT)
  • Exchange set catalog file (CATALOG.031)

IHO certificate (IHO.CRT)

The Schema Administrator (SA) Digital Certificate will always be provided in a file named IHO.CRT by the data server. The IHO.CRT file is available from IHO at http://www.iho.int.

The IHO.CRT file must be placed in your controlfiles folder. Each license of Maritime Chart Service requires a unique USER_PERMIT.TXT file.

Note:

If you are running multiple map services with the Maritime Chart Service enabled and require S-63 encrypted datasets for each map service, you will need to place the same IHO.CRT file under each controlfiles folder supporting that map service.

User permit (USER_PERMIT.TXT)

The USER_PERMIT.TXT file that you received from Esri must be placed in your controlfiles folder. Each license of Maritime Chart Service requires a unique USER_PERMIT.TXT file.

Note:

If you are running multiple map services with the Maritime Chart Service and require S-63 encrypted datasets for each map service, you will need to place the same USER_PERMIT.TXT file under each controlfiles folder supporting that map service.

Cell permit (PERMIT.TXT)

The PERMIT.TXT file is provided to you by your data server when your S-63 encrypted datasets are delivered. Each delivery of encrypted data will have a PERMIT.TXT file. PERMIT.TXT files must be placed in the same location as your S-63 encrypted datasets.

Delivery methods can vary between data servers, so the parent folder that contains the S-63 encrypted datasets that you are going to load should be used to store the associated PERMIT.TXT file. The following images are examples of where the PERMIT.TXT file should be located based on S-63 Ed. 1.1.1 section 7.5.1.1 Folder Definitions.

PERMIT.TXT location for base load
PERMIT.TXT location for base load
PERMIT.TXT location for update load
PERMIT.TXT location for update load

Exchange set catalog file (CATALOG.031)

Typically, your S-63 encrypted datasets should be delivered in an exchange set format similar to S-63 Ed. 1.1.1 section 7.5.1.1 Folder Definitions. To decrypt your S-63 datasets, it is required that a CATALOG.031 file exist under the ENC_ROOT folder containing your data. The CATALOG.031 file contains the full path relative to the ENC_ROOT directory for all files contained within the exchange set, including ENC signature files.

Note:

Unlike loading unencrypted S-57 datasets, where you can load datasets with or without the existence of a CATALOG.031 file, loading S-63 encrypted datasets will only be processed when a CATALOG.031 file exists. If no CATALOG.031 file is found and your data is encrypted, an 8211 open file error will be written to your log file.

Loading S-63 encrypted datasets

Once you have ensured that your certificates and permits, as well as your CATALOG.031 file, are in the correct location, you can begin loading your S-63 encrypted datasets. The loading process is the same as loading unencrypted datasets. The only difference is that S-63 encrypted datasets must have access to the IHO.CRT, USER_PERMIT.TXT, PERMIT.TXT, and CATALOG.031 files to properly decrypt the data. See Loading S-57 datasets for more information.