fbpx

Oracle Java License Change – Are you prepared for a new wave of audits?

10 Dec 2018

Home / Expert Advice / Oracle Java License Change – Are you prepared for a new wave of audits?

 

Robin Cronan, Marketing Director, Certero
Originally posted in December 2018, revised in February 2020.

 

The Oracle Java license change means new public updates for Long Term Support (LTS) releases of Oracle Java SE will not be available for business, commercial or production use without a commercial license, raising the question: are you ready for a new wave of audits?

 

An Oracle Java license change has been announced that means from January 2019, public updates for Java SE 8 will not be available for business, commercial or production use, without an appropriate commercial license. However, before you rush out and purchase a load of new licenses, read on.

If you are a ‘personal user’ you will still be able to use Java for your more rudimentary tasks on personal desktops, notebooks, smartphones and tablets. However, this is not extended for use in your commercial or production environments without a license.

In terms of commercial and production environments, it is important to note that Java SE is made up of many features and components. These are covered under the terms of Oracle’s Binary Code License Agreement and are available free of charge. But here’s where it begins to get complicated. Oracle has developed a range of commercial features that are available with Java SE. If any of these are used in a business, commercial or production environment, an appropriate license will be needed.

One example is the MSI Enterprise JRE Installer. Typically, this is used to distribute Java Runtime to laptops and desktop machines. However, this will require a license if it’s used for business operations or commercial or production purposes. That said, if the commercial features are used for design, development or testing programs, no license is needed.

To further complicate things, you may already be covered for some of these licenses already. How? Your current Oracle entitlements will cover a suite of features and components, some of which will include Java. However, you may also be covered for Oracle Java within your entitlements for IBM or SAP products.

 

Oracle Java support

The Oracle Java license change announcement also covers changes to support. What are the implications for you and your organization?

Firstly, there will no longer be public updates for Java 8 for business, commercial or production use. What this means is Oracle will no longer provide security patches and updates, other than under a support contract to those classified as Oracle customers. However, personal users will still be able to get public updates until December 2020.

In addition, (as you will see in the table below) from Java 9 onward, Oracle will be releasing new updates every six months, but only one of those three will receive long term support (LTS). Any releases that are not scheduled to receive LTS will only get free updates for six months.

The implications are that you will need to review the support available to you and your Oracle estate, and whether this meets your requirements.

 

What businesses should do

Oracle strongly recommends reviewing the road map for Java SE (see table below) in order to determine ongoing support requirements and assess the impact on business and commercial models.

Oracle also recommends preparing migration plans to move from older versions to a later release if customers want LTS (long term support) for Java SE.

The six-month release schedule is designed to make it easier for customers to upgrade to newer versions. For example, between SE8 and SE9, Oracle made 19,000 source code changes, but between SE9 and SE10 there were only 2,700. The idea is to make later upgrades less onerous to implement.

The good news is Oracle are planning to release Oracle JDK and Open JDK at the same time. From 11 onward, the content will be virtually the same. This means Open JDK should be capable of supporting your requirements in the same way as Oracle JDK. Security patches will also be released for both for six months, but they will not be referred to as “public updates”.

As a result of these changes you will need to decide what to do next. Below is a summary of some of the options available to you:

  • Stay with Java SE 8: without security updates, this option could open you up to hackers.
  • Migrate to a later version: this will require you to update every six months.
  • Migrate to OpenJDK: support will be accessed via the community after the initial six-month period, or you will need to upgrade every six months to the latest version.
  • License Java through other products: such as IBM or SAP.
  • Pay Oracle for support and updates
  • Pay a third party for support and updates
  • Use a personal version of Java SE 8: while this will allow you to access public updates until December 2020, you will be at risk of non-compliance in an audit.
  • Use free builds of Java 8 from AdoptOpenJDK: this is a community release and there is no warranty or support available.

 

Oracle Java license change recommendations

As a result of the Oracle Java license changes, Certero recommends discovering and inventorying every application that runs Java SE. Certero’s Oracle licensing experts advise:

Identify and document Java SE:

  • The quantity and version of Java related products installed and/or running in your IT estate
  • Who has access/is using them
  • Deployments of JDK or JRE, which commercial features are enabled and the update versions installed

Assess:

  • Business critical systems where continued Java patching and support is essential
  • The potential for deploying alternative Java solutions (such as OpenJDK)

Once this information is gathered, you can procure appropriate licenses to ensure compliance for future audits and safeguard your applications.

 

Preparing for new audits

Oracle is expected to target Java in audits after May 2020. The fastest way to obtain the data necessary to plan your future Java strategy and prepare for a new wave of audits is through Certero’s Oracle licensing solution. Certero for Oracle automates the discovery and inventory of Oracle assets and the Java components that they are running, and covers all platforms from mobile to mainframe to cloud. What’s more, the solution can be provided in public or private Cloud as SaaS, so it can be deployed in minutes – not weeks or months.

Once you have a comprehensive inventory of your Oracle and Java assets, you can understand your licensing position and begin moving towards a state of compliance. You can also identify how to optimize your licensing position to reduce costs. If you do not have access to Oracle licensing experts, we can provide additional support to help you optimize your Oracle Java estate and prepare for your next audit.

If you want to know more about how Certero can help you with your Oracle Java license challenges, contact our team today.

[On-Demand Webinar] Oracle Licensing:

Four gotchas you need to avoid in 2020

On Demand Webinar

Oracle licensing is notoriously complex and catches many customers out every year, potentially adding millions to their already substantial expenditure.

Join Certero’s Oracle licensing experts for 30 minutes of advice, covering important areas such as understanding contractual confusions, moving licenses around the organization, moving to Oracle cloud and licensing rules around Java.

Our experts will show you to how get visibility of all Oracle consumption, to manage false positives and offer advice for what to do in an audit.

Concerned about Oracle Java in your ecosystem?