Ignore:
Timestamp:
03/15/2018 05:42:49 PM (4 years ago)
Author:
Pierre Labastie <pieere@…>
Branches:
10.0, 10.1, 11.0, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, ken/refactor-virt, lazarus, perl-modules, qt5new, trunk, xry111/git-date, xry111/git-date-for-trunk, xry111/git-date-test
Children:
ce005d8d
Parents:
0dc1b7b
Message:

Move the instructions to install the JAVA CA certificates to "Configuring the
JAVA environment" and host jtreg on anduin.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@19953 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:
1 edited

Legend:

Unmodified
Added
Removed
  • general/prog/ojdk-conf.xml

    r0dc1b7b r55bcdd7  
    1515
    1616  <title>Configuring the JAVA environment</title>
     17
     18  <sect2 id="java-profile">
     19    <title>Setting up the environment</title>
    1720
    1821    <para>
     
    7578mandb -c /opt/jdk/man</userinput></screen>
    7679
     80  </sect2>
     81
     82  <sect2 id="ojdk-certs" xreflabel="installing the JVM Certificate Authority Certificates">
     83
     84    <title>Setting up the Certificate Authority Certificates for Java</title>
     85
    7786    <para>
    78       The installation of the JRE certificate authority bundle
    79       is described in the <xref linkend="ojdk-certs"/> section.
     87      <application>OpenJDK</application> uses its own format for the
     88      CA certificates. The Java security modules use
     89      <envar>$JAVA_HOME</envar><filename>/lib/security/cacerts</filename> by
     90      default. In order to keep all the certificates in one place, we use
     91      <filename>/etc/ssl/java/cacerts.jks</filename>. That file should be
     92      generated using the system PKI trust store. The instructions
     93      on the <xref linkend="make-ca"/> page should be used to update the file
     94      located in <filename class="directory">/etc/ssl/java</filename>.
     95      Run the conversion and setup a symlink in the default location as the
     96      <systemitem class="username">root</systemitem> user:
    8097    </para>
    8198
     99<screen role="root"><userinput>/usr/sbin/make-ca -g --force &amp;&amp;
     100ln -sfv /etc/ssl/java/cacerts.jks /opt/jdk/lib/security/cacerts</userinput></screen>
     101
     102    <para>
     103      Use the following commands to check if the <filename>cacerts</filename>
     104      file has been successfully installed:
     105    </para>
     106
     107<screen role="root"><userinput>cd /opt/jdk
     108bin/keytool -list -cacerts</userinput></screen>
     109
     110    <para>
     111      At the prompt <computeroutput>Enter keystore password:</computeroutput>,
     112      enter <userinput>changeit</userinput> (the default) or just press the
     113      <quote>Enter</quote> key. If the <filename>cacerts</filename> file was
     114      installed correctly, you will see a list of the certificates with
     115      related information for each one. If not, you need to reinstall them.
     116    </para>
     117
     118    <para>
     119      If you later install a new JVM, you just have to create the symlink in
     120      the default location to be able to use the cacerts.
     121    </para>
     122
     123  </sect2>
     124
    82125</sect1>
Note: See TracChangeset for help on using the changeset viewer.