The Java for DirX Identity

Many essential DirX Identity components are implemented in Java. Therefore, at least one Java installation is required to use the product.

The Java for DirX Identity is Java 21, which is used by core components such as:

  • Java-based servers

  • DirX Identity Manager

  • Configuration utility

Some components require deployment into an external Tomcat running with Java 21. The Java instance used by Tomcat depends on its configuration.

Unlike previous releases, this version requires an external Java installation and does not provide an embedded Java environment.

Advantages of a Customer-Supplied Java Installation

  • External Tomcat for DirX Identity applications can use the same Java installation.

  • The installation can also be used for internet browsers or browser-based applications.

  • Updating Java is straightforward using official update packages. See Security Updates for Java in DirX Identity for details.

Requirements for Java in DirX Identity

A customer-supplied Java must meet the following requirements:

  • Must implement Java Platform, Standard Edition (Java SE).

  • Version must be 21.x.y.

  • Must be a 64-bit distribution.

  • Must be TCK-tested (Technology Compatibility Kit for Java).

Supported Java products include:

  • Oracle Java SE 21 (LTS)

  • Microsoft Build of OpenJDK 21 (LTS)

  • Adoptium Eclipse Temurin JDK-21

Security Updates for Java in DirX Identity

Updating a Customer-Supplied Java Runtime Environment

Update the Java environment using an official downloadable update for the appropriate version.

General procedure:

  1. Stop all DirX Identity services and close all programs.

  2. If <DXI_JAVA_HOME>/lib/security/cacerts contains custom certificates, back up this file outside <DXI_JAVA_HOME>.

  3. Download and install the Java update. Options for installation path:

    1. Use the current <DXI_JAVA_HOME> path for consistency. Not recommended if the path already includes java-21.

    2. Use the default path (e.g., C:\Program Files\Java\java-21). This requires updating <DXI_JAVA_HOME> in DirX Identity.

  4. Restore custom certificates to the updated cacerts file.

  5. If the installation path changed, follow Managing a Relocated Customer-Supplied Java.

  6. Verify the update by running:

    1. .\java -version (Windows)

    2. ./java -version (UNIX)

  7. Restart services.

Managing a Relocated Customer-Supplied Java

If the customer-supplied Java installation has been moved due to an update, perform the following steps:

  1. Update configuration files to reflect the new Java location:

    • Windows only: Update <DXI_INSTALL_PATH>/setdxienv.bat to set DXI_JAVA_HOME. Use Windows path notation. Example: SET DXI_JAVA_HOME=C:\Program Files\Java\java-21

    • UNIX only: Update <DXI_INSTALL_PATH>/.dirxmetarc to set DXI_JAVA_HOME. Use UNIX path notation. Example: DXI_JAVA_HOME=/opt/java-21

    • All platforms: Update <DXI_INSTALL_PATH>/configuration.ini for dxi.java.home:

      • Windows example (with escaped characters): dxi.java.home=C\:\\Program Files\\Java\\java-21

      • UNIX example: dxi.java.home=/opt/java-21

  2. Reconfigure components: Run the Configuration Wizard to update the Message Broker and Java-based servers.

  3. Update Tomcat configuration (if applicable): If Tomcat was configured to use Java for DirX Identity, adjust its settings to point to the relocated Java installation