Configuring the JAVA environment

%general-entities; ]> $LastChangedBy$ $Date$ Configuring the JAVA environment Setting up the environment After the package installation is complete, the next step is to make sure that the system can properly find the files. If you set up your login scripts as recommended in , update the environment by creating the openjdk.sh script, as the root user: cat > /etc/profile.d/openjdk.sh << "EOF" # Begin /etc/profile.d/openjdk.sh # Set JAVA_HOME directory JAVA_HOME=/opt/jdk # Adjust PATH pathappend $JAVA_HOME/bin # Add to MANPATH pathappend $JAVA_HOME/man MANPATH # Auto Java CLASSPATH: Copy jar files to, or create symlinks in, the # /usr/share/java directory. Note that having gcj jars with OpenJDK 8 # may lead to errors. AUTO_CLASSPATH_DIR=/usr/share/java pathprepend . CLASSPATH for dir in `find ${AUTO_CLASSPATH_DIR} -type d 2>/dev/null`; do pathappend $dir CLASSPATH done for jar in `find ${AUTO_CLASSPATH_DIR} -name "*.jar" 2>/dev/null`; do pathappend $jar CLASSPATH done export JAVA_HOME unset AUTO_CLASSPATH_DIR dir jar # End /etc/profile.d/openjdk.sh EOF For allowing mandb to include the OpenJDK man pages in its database, issue, as the root user: cat >> /etc/man_db.conf << "EOF" && # Begin Java addition MANDATORY_MANPATH /opt/jdk/man MANPATH_MAP /opt/jdk/bin /opt/jdk/man MANDB_MAP /opt/jdk/man /var/cache/man/jdk # End Java addition EOF mkdir -p /var/cache/man mandb -c /opt/jdk/man Setting up the Certificate Authority Certificates for Java OpenJDK uses its own format for the CA certificates. The Java security modules use $JAVA_HOME/lib/security/cacerts by default. In order to keep all the certificates in one place, we use /etc/ssl/java/cacerts.jks. That file should be generated using the system PKI trust store. The instructions on the page should be used to update the file located in /etc/ssl/java. Run the conversion and setup a symlink in the default location as the root user: /usr/sbin/make-ca -g --force && ln -sfv /etc/ssl/java/cacerts.jks /opt/jdk/lib/security/cacerts Use the following commands to check if the cacerts file has been successfully installed: cd /opt/jdk bin/keytool -list -cacerts At the prompt Enter keystore password:, enter changeit (the default) or just press the Enter key. If the cacerts file was installed correctly, you will see a list of the certificates with related information for each one. If not, you need to reinstall them. If you later install a new JVM, you just have to create the symlink in the default location to be able to use the cacerts.