Location of java.security file

[rudatp]

I need a possibility to override the path to java.security file, to use customized version for ZOWE, without overwriting global settings

[rudatp]

Actually it would be even better to have possibility to override any Java properties. I'm trying to run ZOWE with keystore type JCECCARACFKS. Even when I update the global java.security file, I get following error: invalid stream header: CECECACF
I had similar issue when configuring another product using Tomcat and the solution was to add additionally ${JAVA_HOME}"/lib/ext to LIBPATH and to overwrite java properties:
IJO="$IJO -Djava.protocol.handler.pkgs=com.ibm.crypto.hdwrCCA.provider|com.ibm.crypto.provider"
IJO="$IJO -Djava.security.properties=/share/etc/javacust/java.security"

[MarkAckert]

Could you describe what you're configuring in the java.security file that isn't normally configured by Zowe as part of its install/configuration?

Or in the case it is defined in Zowe (e.g. we support JCECCARACFKS in zowe.setup.certificate.type), why you'd prefer using a java.security file?

Thanks!

[rudatp]

The list of providers in java.security file must be updated to support JCECCARACFKS:
security.provider.1=com.ibm.crypto.hdwrCCA.provider.IBMJCECCA
Without this you get error: JCECCARACFKS not found.

[balhar-jakub]

@rudatp What version of Java are you trying to use, and how do you configure the SAF Keyring specifically what is the first part e.g. safkeryring://

[rudatp]

I'm using Java8_64. Only this version is listed as supported for ZOWE.
safkeyring:////user/keyring