Changeset 30b7db74 for general/prog/openjdk.xml
- Timestamp:
- 10/29/2016 09:56:12 AM (7 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- be1bcf9c
- Parents:
- 7b8c7ec
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
general/prog/openjdk.xml
r7b8c7ec r30b7db74 553 553 <application>OpenJDK</application> uses its own format for the 554 554 CA certificates. Those certificates are located in a file named 555 <filename>/opt/jdk/jre/lib/security/cacerts</filename>. That file 556 may be generated from the one installed using the instructions on the 557 <xref linkend="cacerts"/> page, with the following procedure. 558 First, generate the <command>mkcacerts</command> script 555 <filename>/etc/ssl/java/cacerts</filename>. That file should be 556 generated using the system PKI trust store. The instructions 557 on the <xref linkend="cacerts"/> page will be used to do the update 558 by calling the following script. Install the 559 <command>mkcacerts</command> script and setup a symlink in the java 559 560 as the <systemitem class="username">root</systemitem> user: 560 561 </para> 561 562 562 <screen role="root"><userinput>cat > /opt/jdk/bin/mkcacerts << "EOF" 563 <screen role="root"><userinput>cat > /opt/jdk/bin/mkcacerts << "EOF" && 563 564 <literal>#!/bin/sh 564 565 # Simple script to extract x509 certificates and create a JRE cacerts file. … … 777 778 EOF 778 779 779 chmod -c 0755 /opt/jdk/bin/mkcacerts</userinput></screen> 780 chmod -c 0755 /opt/jdk/bin/mkcacerts && 781 ln -sfv /etc/ssl/java/cacerts /opt/jdk/jre/lib/security/cacerts</userinput></screen> 780 782 781 783 <note> … … 791 793 </para> 792 794 793 <screen role="root"><userinput>if [ -f / opt/jdk/jre/lib/security/cacerts ]; then794 mv / opt/jdk/jre/lib/security/cacerts \795 / opt/jdk/jre/lib/security/cacerts.bak795 <screen role="root"><userinput>if [ -f /etc/ssl/java/cacerts ]; then 796 mv /etc/ssl/java/cacerts \ 797 /etc/ssl/java/cacerts.bak 796 798 fi && 797 799 /opt/jdk/bin/mkcacerts \ … … 799 801 -k "/opt/jdk/bin/keytool" \ 800 802 -s "/usr/bin/openssl" \ 801 -o "/ opt/jdk/jre/lib/security/cacerts"</userinput></screen>803 -o "/etc/ssl/java/cacerts"</userinput></screen> 802 804 803 805 <para>Use the following commands to check if the … … 805 807 806 808 <screen role="root"><userinput>cd /opt/jdk 807 bin/keytool -list -keystore jre/lib/security/cacerts</userinput></screen>809 bin/keytool -list -keystore /etc/ssl/java/cacerts</userinput></screen> 808 810 809 811 <para>At the prompt "Enter keystore password:", press the "Enter" key if
Note:
See TracChangeset
for help on using the changeset viewer.