Hello experts,
we are installing the CJP fix, which will update the java to Azul Zulu. Therefore we need to backup and then restore cacerts file in the IS. Problem is that we don’t have access to the filesystem of the IS. Client doesn’t have access either, because a different “entity” is using the IS and client doesn’t want to “bother” them with this fix installation.
Is it possible to use composite templates to backup and then restore the cacerts file in the target IS? Or just copy the file from backup created during the CJP fix installation?

something like this:

[i]alias: test_template
description: TEST
version: 0.1

templates:
jvm-security:
files:
“jvm/jvm/jre/lib/security/cacerts” : “jvm/jvm0118.bck/jre/lib/security/cacerts”[/i]

You should think about this idea very carefully, because you would loose the intended content from the ZULU CAcerts file. (e.g. also remove unsecured, revoked, expired old trusts).

Better would be preparing an import into the JDK CAcerts store what you need.

This import like with the “keytool” you can execute from the composite template as “action”.
In the same way of thinking you could also have an “pre” patching action to export the keys you need from the JDK before patch and “post” patching import the same again. so in case the patching might have overwritten your CAcerts file blindly you always adjust it afterwards.

That is good idea. Do you have some template with just an action for using keytool or any other command?

Couldn’t find an example of the template which does’t install anything and just copies the file or runs some script. Does somebody have such a template?

Finally found out how to do copy the file from CCE to SPM. If somebody would need it, here is a template:

[i]alias: test
description: Basic IS filecopy

environments:
default:

layers:
is-files: # default configuration for all layers
templates: is-files

templates:
is-files:
files:
test2.txt: test1.txt

provision:
default:
is-files: hostname[/i]