Updating java 6 cacerts with those from java 8

Rackspace replaced an outdated certificate, ive followed their instructions using keytool to update the cacerts for java 6 with no success (keytool).

What did work was just replacing the cacerts file from java 6 with one from java 8.

Is this "OK" to do? i assume formats between the two are the same and they are simply updated between version.

Apologies in advance if this is a stupid question

I initially did the same thing, and then symlinked to the java 8 file. But my problem was that the java 6 installation on macOs High Sierra (10.13.x).

# store path to java 6 home
tmp $ j6Security=$(/usr/libexec/java_home -v '1.6*')/lib/security;

# show pre-update state
tmp $ ls -la  "$j6Security"
total 16
drwxr-xr-x  10 root  wheel    320 Jan 20 19:39 .
drwxr-xr-x  41 root  wheel   1312 Jan 20 19:39 ..
-rw-r--r--   1 root  wheel   2469 Jul 14  2015 US_export_policy.jar
lrwxr-xr-x   1 root  wheel     79 Jan 20 19:39 blacklist -> /System/Library/Java/Support/Deploy.bundle/Contents/Home/lib/security/blacklist
lrwxr-xr-x   1 root  wheel     81 Jan 20 19:39 cacerts -> /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security/cacerts
-rw-r--r--   1 root  wheel   3443 Jul 14  2015 java.policy
-rw-r--r--   1 root  wheel  13458 Jul 14  2015 java.security
-rw-r--r--   1 root  wheel   2486 Jul 14  2015 local_policy.jar
-rw-r--r--   1 root  wheel    347 Jul 14  2015 sunpkcs11-macosx.cfg
lrwxr-xr-x   1 root  wheel     87 Jan 20 19:39 trusted.libraries -> /System/Library/Java/Support/Deploy.bundle/Contents/Home/lib/security/trusted.libraries

# store path to current (i.e., switcher) home
tmp $ jXSecurity=/Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security;

# replace (broken) j6 files with symlink to current files
tmp $ for file in blacklist cacerts trusted.libraries; do src="${jXSecurity}/${file}" tgt="${j6Security}/${file}"; test -f $tgt && sudo rm $tgt; sudo ln -s "$src" "$tgt"; done

# show post-update state
tmp $ ls -la "$j6Security"
total 16
drwxr-xr-x  10 root  wheel    320 Jan 20 20:33 .
drwxr-xr-x  41 root  wheel   1312 Jan 20 19:39 ..
-rw-r--r--   1 root  wheel   2469 Jul 14  2015 US_export_policy.jar
lrwxr-xr-x   1 root  wheel     87 Jan 20 20:33 blacklist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/blacklist
lrwxr-xr-x   1 root  wheel     85 Jan 20 20:33 cacerts -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/cacerts
-rw-r--r--   1 root  wheel   3443 Jul 14  2015 java.policy
-rw-r--r--   1 root  wheel  13458 Jul 14  2015 java.security
-rw-r--r--   1 root  wheel   2486 Jul 14  2015 local_policy.jar
-rw-r--r--   1 root  wheel    347 Jul 14  2015 sunpkcs11-macosx.cfg
lrwxr-xr-x   1 root  wheel     95 Jan 20 20:33 trusted.libraries -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/trusted.libraries

If I wanted to pin j8, I would replace jXSecurity=/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/trusted.libraries with j8Security=$(/usr/libexec/java_home -v '1.8*'). Both this and copying the files (that I've symlinked in this example) worked fine.

(In my case the installed symlinks (in the "pre-update" output) pointed to nonexistent files. My maven downloads were failing with "peer not authenticated". After applying these changes to my jdk6 installation everything began working again.)