On 9/20/2018 2:06 PM, Geoffrey Carman wrote:
> I see that the JVM/JDK in SSPR appliance, installer is changed AWAY from
> Oracle, and to Azul's Zulu JVM.
>
> I had honestly never seen Zulu before.
>
> Anyone have any feedback?* Is this in response to Oracles license
> changes I remember hearing rumblings about.
>
> Seems like there is a cert with SAN issue in the readme, at:
>
> https://www.oracle.com/technetwork/j...ml#JDK-8200666
>
>
> "To improve the robustness of LDAPS (secure LDAP over TLS ) connections,
> endpoint identification algorithms have been enabled by default."
>
> It looks like you would need to add a -D style switch to the process
> starting Tomcat and add in:
> com.sun.jndi.ldap.object.disableEndpointIdentifica tion=true
>
> to turn off this new feature (Or you could fix your cert so that the
> cert matches common name of the server being contacted over
> SSL/LDAPS/TLS/whatever.


So I see Azul Enterprise is basically a way of maintaining a Java 8 JVM
that is supported for Security patches, since Oracle is 116 days away
from the last Java 8 security update.

Interesting. So Zulu Enterprise you have to buy. There is a Zulu
Embedded, I guess MF bought licenses for that? Interesting...

Will other IDM products moving to this as well? The mind wonders...