Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it a bad practice to use Java standard keystore

We had been using java standard keystore ($JAVA_HOME/jre/lib/security/cacerts) as the trusted store for tomcat. And that tomcat server would communicate with some other server. A recent OS(AIX) upgrade apparently over-wrote the file at $JAVA_HOME/jre/lib/security/cacerts and that resulted in lost certificates and lot of issues with application hosted in tomcat.

Looking at this is it a bad practice to relay up on $JAVA_HOME/jre/lib/security/cacerts ? What are the alternate (better|standard) ways to tackle this scenario?

like image 231
ring bearer Avatar asked Oct 25 '11 20:10

ring bearer


1 Answers

It's not a bad practice if you have a build process that will repeat the imports.

like image 93
user207421 Avatar answered Sep 19 '22 05:09

user207421