User/Application Certificates Created in $JAVA_HOME/jre/lib/security/jssecacerts Have Dependencies on Mammoth Upgrades that Upgrade Java.
(Doc ID 2253796.1)
Last updated on MAY 06, 2022
Applies to:Big Data Appliance Integrated Software - Version 4.5.0 and later
User/application generated certificates created in $JAVA_HOME/jre/lib/security/jssecacerts file have dependencies on Mammoth upgrades that upgrade Java.
When a TLS handshake takes place the client will check, in this order,
- It's truststore (if configured)
If $JAVA_HOME/jre/lib/security/jssecacerts is used for a TLS handshake, it will be lost after a Java upgrade. This is true regardless of whether the Java upgrade is a result of a Mammoth upgrade (which upgrades Java) or Java upgrade for another reason.
For example, in the case of a BDA upgrade from V4.5 to V4.7 where Mammoth upgrades Java, after the BDA upgrade is complete it will not be possible to log into Cloudera Manager(CM) using LDAP if the $JAVA_HOME/jre/lib/security/jssecacerts was created by a user/application to be used by CM.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document