1. If applicable - Reload LDAP/ Java Certificate (for Java Updates only)

[marmar24012]

1. If applicable - Reload LDAP/ Java Certificate (for Java Updates only)

If Java update is planned, reloading the LDAP/ Java Certificate may be necessary.

To check The Java trust store may be loaded with several root certificates (ldap, root windows domain, third party e.g. Fedex, etc). If .cer or .crt file(s) exist then certificate(s) will need to be reloaded after java is updated.

ls -l /SCC/TPC/JavaTrust

Example - SLHS bbdbinprd03:/> ls -l /SCC/TPC/JavaTrust -rw-r-----. 1 sccadm sccadm 2796 Nov 14 2022 ldaps.slhs.org.cer -rw-r-----. 1 sccadm sccadm 2788 Mar 25 2020 stlukesent2ca-Intermediate.cer -rw-r-----. 1 sccadm sccadm 2028 Mar 25 2020 stlukesrootca-Root.cer

Example - TMHS: hhvlisappp03:/> ls -l /SCC/TPC/JavaTrust -rw-r--r-- 1 sccadm sccadm 1273 Feb 4 2022 ldaps.crt

Java Certificate Reload: If /SCC/TPC/JavaTrust directory contains certificates add all of them to java trust store. As root: cd /SCC/TPC/JavaTrust ls

set correct java version e.g.:

export JAVA_HOME=/usr/java/latest # For Linux

load certificates into java trust store:

export PATH=$JAVA_HOME/jre/bin:$JAVA_HOME/bin:$PATH

for i in .cer crt do
echo yes | keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -file $i -alias $i done

Confirm: If no errors during the reload, then it works. If it errors out then it does not work.