JEP 493 introduced the concept of linking from the installed run-time image (over linking from JMODs).
When a link from the run-time image is being performed, files are taken from the installed image and not from JMODs. In order to verify that files haven't changed a hash sum is being collected at JDK build time of all the files part of the JDK. This includes files for time zone data (tzdb.dat) and certificate authorities that the JDK trusts (cacerts).
In certain deployment scenarios, the cacerts files and/or time zone data files might have been updated (or use a version otherwise available on the system). Once a file has changed from the version available at JDK build time, linking from the run-time image would no longer work as the recorded hash sums wouldn't match any more.
We need to find a way to deal with those cases.
When a link from the run-time image is being performed, files are taken from the installed image and not from JMODs. In order to verify that files haven't changed a hash sum is being collected at JDK build time of all the files part of the JDK. This includes files for time zone data (tzdb.dat) and certificate authorities that the JDK trusts (cacerts).
In certain deployment scenarios, the cacerts files and/or time zone data files might have been updated (or use a version otherwise available on the system). Once a file has changed from the version available at JDK build time, linking from the run-time image would no longer work as the recorded hash sums wouldn't match any more.
We need to find a way to deal with those cases.