Migrating from earlier releases of IBM Semeru Certified Edition for z/OS

A summary of changes to the SDK and runtime environment that you must be aware of when you migrate from earlier releases of IBM® Semeru Certified Edition for z/OS® is listed here.

This release contains a few differences from IBM Semeru Certified Edition for z/OS, version 17, which might require planning. For an overview, read the What's new section.

Important changes

If you are migrating from IBM Semeru Certified Edition for z/OS, version 17, the following changes apply.
  • New JDK system and security properties are introduced to allow more granular control over the set of JNDI object factories that are allowed to reconstruct Java objects from JNDI/LDAP and JNDI/RMI contexts.
    • The new jdk.jndi.ldap.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/LDAP contexts. Its default value only allows object factories that are defined in the java.naming module.
    • The new jdk.jndi.rmi.object.factoriesFilter property specifies which object factory classes are allowed to instantiate Java objects from object references returned by JNDI/RMI contexts. Its default value allows only object factories that are defined in the jdk.naming.rmi module.
    These new factory filter properties complement the jdk.jndi.object.factoriesFilter global factories filter property by determining whether a specific object factory is permitted to instantiate objects for the LDAP or RMI protocols used in JNDI. An application depending on custom object factories to re-create Java objects from JNDI/LDAP or JNDI/RMI contexts must supply a security or system property with an updated value to allow such third-party object factories to reconstruct LDAP or RMI objects. For example, jdk.jndi.rmi.object.factoriesFilter=com.ibm.*. If usage of a factory is denied, the lookup operation might result in the return of a plain instance of javax.naming.Reference, which might lead to a ClassCastException being thrown in the application.
  • Starting from Java 11, fonts are no longer bundled with the SDK. Semeru now relies on system-installed WorldType fonts. The latest version of WorldType fonts is found as UNIX files (Hierarchical File System (HFS) or z/OS® File System (zFS) files) in this location:
    /usr/lpp/fonts/worldtype
    For more information on font support, see Semeru fonts support on z/OS.
  • In contrast to IBM Java 8, Semeru SDKs contain an intentional correction of what processing is dispatched to IBM z Integrated Information Processor (zIIP) that can cause an increment in general central processor (CP) usage for some specific workloads. The change is working as designed and corrects a situation in Java 8 where some processing was dispatched to zIIP when it was not zIIP eligible.
  • Starting from Java 21, the transformation format of "algorithm/mode/padding" is more strictly enforced following the API documentation. Previous Java versions had more flexibility and allowed for transformations to be missing a mode or padding. An appropriate default would then be chosen based on the specified algorithm. However, this approach is being phased out in OpenJDK and in the Semeru security providers.

    Examples of valid cipher transformations are as follows.

    • "AES"
    • "AES//"
    • "AES/GCM/NoPadding"
    • "AES/CBC/NoPadding"

    Examples of invalid cipher transformations that result in errors are as follows.

    • "AES/ /NoPadding"
    • "AES/CBC/NoPadding/"
    • "AES/CBC/"
    • "AES/CBC"
  • Starting from JDK 18, UTF-8 is the default charset across platforms. The change to adopt UTF-8 might cause migration challenges for existing Java applications that are running on z/OS and that interact with non-UTF-8 files while you migrate to Semeru 21. For more information, see Migration from previous releases section in JEP 400 topic.
  • Start of changes for 21.0.6.0The zEDC (zEnterprise® Data Compression) Express adapter and the Integrated Accelerator for zEDC solution for z15® or later, which was supported in Semeru 17, but not supported in the first release of Semeru 21, is supported now. For more information, see zEnterprise Data Compression.End of changes for 21.0.6.0
  • Start of changes for 21.0.6.0The ZERTJSSE security provider, which was supported in the earlier Semeru versions such as 11 and 17, but not supported in the first release of Semeru 21, is supported now. For more information, see ZERTJSSE provider documentation.End of changes for 21.0.6.0
  • In the earlier Semeru versions such as 11 and 17, the property console.encoding was used to set the encoding of characters that are printed to the console (through System.out and System.err). The property helps override the default console encoding. Until Semeru 21.0.6, the property console.encoding is not supported. Use the properties stdout.encoding and stderr.encoding instead to change the default console encoding.
    Start of changes for 21.0.7.0The property console.encoding is supported from 21.0.7. The precedence order for stdout.encoding and stderr.encoding is as follows.End of changes for 21.0.7.0
    • sun.stdout.encoding, sun.stderr.encoding
    • console.encoding
    • Locale-based encoding
For information about JDK changes for each new release of Java, see the following documents.

These changes might affect the compatibility of applications with this release. For more information about these changes and how to determine whether your applications have compatibility issues, see Version compatibility.

Deprecations and removals

For a full list of JDK methods that are deprecated and removed, see Removed APIs, Tools, and Components.

Migrating from earlier releases

If you are migrating from a release before IBM Semeru Certified Edition for z/OS, Version 11, read the Migrating from earlier releases topic for Version 11.

If you are migrating from a release before IBM Semeru Certified Edition for z/OS, Version 17, read the Migrating from earlier releases topic for Version 17.