Steps to manually upgrade SOI JRE
search cancel

Steps to manually upgrade SOI JRE

book

Article ID: 228521

calendar_today

Updated On:

Products

CA Service Operations Insight (SOI)

Issue/Introduction

In order to be able to address vulnerability issues with the bundled JRE before being made available in an official patch, the following steps are provided to update the JRE in SOI manually.

Environment

Release : 4.2

Component : Service Operations Insight (SOI) Manager

Resolution

Steps to upgrade the JRE manually in SOI:

  1. Stop All SOI services by using SOI toolbox
  2. Take backup of existing jre-64, jre-32 and jre folders
  3. Download the latest OpenJDK JRE 8 Binary packages from https://adoptium.net/archive.html?variant=openjdk8&jvmVariant=hotspot . Make sure to download the JRE and not the JDK.
  •          Windows x64 - extract the same and rename the new folder to jre-64  making sure the path to Java is preserved
  •          Windows x86 - extract the same and rename the new folder to jre-32 making sure the path to Java is preserved
  •          Windows x86 - extract the same and rename the new folder to jre making sure the path to Java is preserved

     4. Copy jsafeJCEFIPS-5.0.jar file from jre backup folders (<jre backup folder>/lib/ext) location from step 2 and copy the same to respective new locations

  • <SOI_HOME>\jre-64\lib\ext
  • <SOI_HOME>\jre-32\lib\ext
  • <SOI_HOME>\jre\lib\ext

     5. Restart the SOI services by using SOI toolbox.


Steps to check the JRE version (32 bit or 64 bit) if needed:

Open command prompt and change current working directory to <SOI_HOME>\jre\bin and run the below command and see sample response
.\java -version
           32 bit
openjdk version "1.8.0_212"
OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_212-b03)
OpenJDK Server VM (AdoptOpenJDK)(build 25.212-b03, mixed mode)
           64 bit
openjdk version "1.8.0_212"
OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_212-b03)
OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.212-b03, mixed mode)
 
 
As part of SOI 4.2 CU3 we will be releasing the latest VM pack available at that time. The JRE updates in the catalyst container and connectors will be available as part of their next releases.

Additional Information

Note: Please ensure that EEM and MSSQL support TLS 1.2 before manually updating the JRE since the JRE 8 latest patches disable TLS 1.0 and TLS 1.1 by default.

If required please upgrade EEM to a version where TLS 1.2 is supported and also apply the required patch on MSSQL for TLS 1.2 support (https://support.microsoft.com/en-us/topic/kb3135244-tls-1-2-support-for-microsoft-sql-server-e4472ef8-90a9-13c1-e4d8-44aad198cdbe)

 

In case of any encryption erros, please check the following KB: Tomcat / JRE Update with with encryption/decryption errors

Powered by Wolken Software