I had a problem getting Java to read a keyring, and one suggestion was to change the security providers in the /usr/lpp/java/current_64/lib/security/java.security. This is the system wide default definition file for Java.
Unfortunately this is on a read only file system.
I had the choice of changing this file – not a good idea or overriding it.
Overriding which file to use
In the file, there are comments about overriding the file
- -Djava.security.properties=url (one equals), to append to the system java.security file
- -Djava.security.properties== url (two equals), to replace the system.security file used.
In my Java program startup I used the over-ride to replace the default file –
-Djava.security.properties==/etc/zexpl/java.security"
and copied /usr/lpp/java/current_64/lib/security/java.security to /etc/zexpl/java.security. I could edit this as I pleased, as any changes only affect this application.
Updating the production file system.
I’m lucky I work on a single user z/OS system. I do not have to worry about change control and disrupting other users.
I used the df command to display which file system the file was on, then I unmounted and remounted the file system.
df -P /usr/lpp/java/current_64/lib/security/java.security to /etc/zexpl/java.security.
unmount filesystem('ABC100.ZFS') Immediate
mount filesystem('ABC100.ZFS') mode(RDWR)type(HFS) mountpoint('/usr/lpp/IBM/abcdef')
so children of all ages – do not do this at home or at the office!
ColinPaice 