install/update java on ubuntu 17.10
Java
Oracle 사이트에서 Java SE 를 Download 함.
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 도 Download 함.
- jdk-8u191-linux-x64.tar.gz
- jce_policy-8.zip
다음 명령어로 java를 설치했음.
jinia@jin:~$ tar xvzf ~/Downloads/jdk-8u191-linux-x64.tar.gz -C ~/Desktop
Java Path를 잡지 않았으므로 다음과 같이 버전 확인 가능함.
jinia@jin:~$ ~/Desktop/jdk1.8.0_191/bin/java -version
java version "1.8.0_191"
Java(TM) SE Runtime Environment (build 1.8.0_191-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.191-b12, mixed mode)
jinia@jin:~$
Java Path 수정하기
/etc/bash.bashrc 파일 맨 밑에 JAVA_HOME과 PATH가 있음을 확인하고 변경한다.
재부팅 후, java 버전 확인하면 됨.
jinia@jin:~$ cat /etc/bash.bashrc # cat으로 확인함.
# System-wide .bashrc file for interactive bash(1) shells.
## /etc/bash.bashrc 내용 중략
export JAVA_HOME=/home/jinia/Desktop/jdk1.8.0_181
export PATH=$PATH:${JAVA_HOME}/bin
jinia@jin:~$
jinia@jin:~$
jinia@jin:~$ sudo nano /etc/bash.bashrc # vi로 수정안됨. nano로 수정해야함.
인증서 추가하기
jinia@jin:~$ ls /usr/share/ca-certificates/extra/ # 인증서 확인
POSCOICT_CA_256.crt
jinia@jin:~$ ls ~/Desktop/jdk1.8.0_191/jre/lib/security/ # 설치위치 확인
blacklist blacklisted.certs cacerts java.policy java.security javaws.policy policy trusted.libraries
jinia@jin:~$ cp /usr/share/ca-certificates/extra/POSCOICT_CA_256.crt ~/Desktop/jdk1.8.0_191/jre/lib/security/ # 복사
jinia@jin:~$ cd ~/Desktop/jdk1.8.0_191/jre/lib/security/ # cd
jinia@jin:~/Desktop/jdk1.8.0_191/jre/lib/security$ keytool -import -keystore cacerts -storepass changeit -file POSCOICT_CA_256.crt -alias poscoict # keytool 실행
Owner: EMAILADDRESS=admin@poscoict.co.kr, CN=POSCOICT_CA_256, OU=secuirty, O=POSCOICT_CA_256, L=SEOUL, ST=CA, C=KR
Issuer: EMAILADDRESS=admin@poscoict.co.kr, CN=POSCOICT_CA_256, OU=secuirty, O=POSCOICT_CA_256, L=SEOUL, ST=CA, C=KR
## 중략
Trust this certificate? [no]: yes # yes 라고 입력
Certificate was added to keystore
jinia@jin:~/Desktop/jdk1.8.0_191/jre/lib/security$
JCE
https://www.oracle.com/technetwork/java/javase/downloads/index.html
jinia@jin:~$ unzip ~/Downloads/jce_policy-8.zip -d ~/Downloads/jce # unzip 으로 압축 풀기
Archive: /home/jinia/Downloads/jce_policy-8.zip
creating: /home/jinia/Downloads/jce/UnlimitedJCEPolicyJDK8/
inflating: /home/jinia/Downloads/jce/UnlimitedJCEPolicyJDK8/local_policy.jar
inflating: /home/jinia/Downloads/jce/UnlimitedJCEPolicyJDK8/README.txt
inflating: /home/jinia/Downloads/jce/UnlimitedJCEPolicyJDK8/US_export_policy.jar
jinia@jin:~$ ls ~/Downloads/jce/UnlimitedJCEPolicyJDK8/ # ls로 파일 확인하기.
local_policy.jar README.txt US_export_policy.jar
jinia@jin:~$ ls ~/Desktop/jdk1.8.0_191/jre/lib/security/ # ls로 파일 확인하기.
blacklist blacklisted.certs cacerts java.policy java.security javaws.policy policy POSCOICT_CA_256.crt trusted.libraries
jinia@jin:~$ cp ~/Downloads/jce/UnlimitedJCEPolicyJDK8/*.jar ~/Desktop/jdk1.8.0_191/jre/lib/security/ # cp로 jar 파일 2개 복사하기
jinia@jin:~$ rm -rf ~/Downloads/jce # rm으로 지우기
jinia@jin:~$
Test용 keystore 생성.
jinia@jin:~$ # keytool 실행
jinia@jin:~$ keytool -genkeypair -keyalg RSA -keypass changeit -dname "CN=Config Server,OU=security,O=POSCOICT,L=SEOUL,S=CA,C=KR" -keystore server.jks -storepass changeit -alias poscoict
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore server.jks -destkeystore server.jks -deststoretype pkcs12".
jinia@jin:~$ # keytool 실행 ( Warning 메시지 참고 )
jinia@jin:~$ keytool -importkeystore -srckeystore server.jks -destkeystore server.jks -deststoretype pkcs12
Enter source keystore password: # changeit 입력
Entry for alias poscoict successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
Warning:
Migrated "server.jks" to Non JKS/JCEKS. The JKS keystore is backed up as "server.jks.old".
jinia@jin:~$ rm server.jks.old # backup 파일 삭제