WebSphere Commerce Version 8.0.4.27 or later

Upgrading to WebSphere Commerce 8.0.4.27 or greater

There are environment prerequisites to upgrade WebSphere Commerce to versions 8.0.4.27 or greater.

Important: To upgrade to WebSphere Commerce or WebSphere Commerce Developer 8.0.4.30 from any previous version, you must first upgrade to 8.0.4.29. This is required due to changes to JAR files that were made due to security vulnerabilities.
Warning:
  • WebSphere Commerce instance creation is not supported with WebSphere Commerce fix packs that require Java 8 until version 8.0.4.30. If you need to create a new WebSphere Commerce instance, you must use WebSphere Commerce 8.0.4.30 or greater. Alternatively, you can use an older Java 7 fix pack, such as 8.0.4.25, before upgrading to Java 8 and a more recent WebSphere Commerce fix pack.
  • For IBM i OS operating systemNew instance creation is not supported on IBM i.

Before you begin

Procedure

Upgrade your WebSphere Commerce production environments:
  1. Install WebSphere Commerce 8.0.4.27 or greater.
  2. Upgrade your runtime environments to use WebSphere Application Server bundled Java 8 (1.8_64_bundled).
    See Upgrading WebSphere Commerce 8.0.4.27+ to Java 8.
    Note:
    • If you have previously upgraded your environments to bundled Java 8, you can skip this step.
    • If you have previously upgraded your environments to a standalone version of Java 8 (1.8_64), you must again update your environment to use the version of the Java SDK that is bundled with WebSphere Application Server.
    • You can observe the version of Java 8 that you are using by using the following commands:
      1. In a command prompt, navigate to the WAS_installdir/bin/ directory.
      2. Run the following command:
        • LinuxAIX./managesdk.sh -getNewProfileDefault
        • Windowsmanagesdk.bat -getNewProfileDefault
        • For IBM i OS operating system
          1. managesdk -getNewProfileDefault
          2. managesdk -getCommandDefault
  3. If you are using Java version 8.0.7.0 to 8.0.7.9, or WebSphere Application Server version 8.5.5.21 to 8.5.5.23, you must lower the priority of the IBMJCEPlus security provider.
    Using the com.ibm.crypto.provider.IBMJCEPlus security provider causes a memory leak, leading to performance implications.
    1. Open the jre/lib/security/java.security configuration file for editing in your SDK installation directory.
    2. Change the order of the security providers to place com.ibm.crypto.plus.provider.IBMJCE above com.ibm.crypto.provider.IBMJCEPlus.

      For example, your file should appear as follows:

      security.provider.1=com.ibm.jsse2.IBMJSSEProvider2
      security.provider.2=com.ibm.crypto.plus.provider.IBMJCE
      security.provider.3=com.ibm.crypto.provider.IBMJCEPlus
      security.provider.4=com.ibm.security.jgss.IBMJGSSProvider
    3. Save and close the file.
    For more information on this required change, see Service refresh 7 in the IBM SDK, Java Technology Edition documentation.

Results

You have successfully upgraded your production environments to a later WebSphere Commerce Version 8 fix pack.

This upgrade included:

  • Upgrading your production environments to a later WebSphere Commerce fix pack level.
  • Ensuring that your production environments are using a supported version of Java 8, with the bundled WebSphere Application Server Java SDK.