Locations

Resources

Careers

Contact

Contact us

Java Licensing

Oracle Java Licensing Changes (Java 6 through Java 21): What CIOs and CFOs Need to Know

Oracle Java Licensing Changes (Java 6 through Java 21)

Oracle Java Licensing Changes (Java 6 through Java 21): What CIOs and CFOs Need to Know

Introduction

Oracle’s Java licensing has shifted from “free and open” to a complex web of paid subscriptions and time-limited free use. CIOs and CFOs cannot assume Java is free – those days are largely over. Oracle has repeatedly changed Java’s license terms since the Sun Microsystems era, catching many enterprises off guard.

The result is a licensing landscape rife with budget surprises, compliance traps, and aggressive audits.

This article provides a blunt overview of Java’s licensing changes from version 6 to 21, explains the models (BCL, OTN, NFTC, and Subscription), and offers candid advice on how to protect your organization’s wallet and sanity.

Java Licensing Timeline (Java 6 to Java 21)

Oracle’s approach to Java licensing has evolved drastically over the past decade. Key milestones include the end of free commercial Java in 2019, a brief reintroduction of free use in 2021, and a shift to an expensive enterprise subscription model in 2023.

Below is a timeline of major Java licensing milestones from 2010 through 2025, illustrating Oracle’s shift from free use to paid subscriptions​.

As shown, Oracle maintained free Java after acquiring Sun in 2010, but by 2019, Oracle’s JDK was no longer free for commercial use. In 2021, a no-fee license was reintroduced for the latest Java version. By 2024, a paid subscription will become mandatory for ongoing support.

This timeline highlights how quickly Java’s licensing landscape changed, creating new costs and risks for businesses.

  • 2010 – Oracle Acquires Sun: Oracle buys Sun Microsystems and takes ownership of Java. Oracle initially kept Java under Sun’s Binary Code License (BCL), so Java SE remains free to download and use (including in production) under the same terms as before. No immediate changes – Java remains “free Java” for several years after the acquisition.
  • 2013 – Commercial Features Introduced: Oracle carves out certain advanced JDK features (Java Flight Recorder, Mission Control, etc.) as “Commercial Features” requiring a paid license for production use. Regular Java runtime use was still free, but this signaled Oracle’s intent to monetize Java beyond the core platform.
  • 2018 – Java SE Subscription Announced: Oracle announces a new Java SE Subscription model in June 2018 for Java support and updates. This is a pivot from the traditional free public updates. For the first time, running Java in production would formally require a paid subscription to get updates and bug fixes. Oracle’s initial pricing was based on familiar old metrics – e.g., approximately $2.50 per desktop user per month or $25 per server processor per month. The writing was on the wall: Java was turning into a paid service for businesses.
  • Jan 2019 – End of Free Updates (Java 8): Oracle stops providing free public updates for Java 8 (after January 2019) for commercial users. This change caught many enterprises off guard – Java 8 had been ubiquitous under the free model, and suddenly patches past 8u202 required a paid subscription. Organizations that continued to use Oracle Java 8 in production after this date (and applied later updates) were now out of compliance. In effect, the “free Java” era for businesses ended in 2019 unless they migrated to OpenJDK or paid Oracle.
  • April 2019 – OTN License Introduced: Oracle replaces the old BCL with a new Oracle Technology Network (OTN) License for Java SE​. This license makes the Oracle JDK free only for certain uses: personal, development, testing, or demonstration. Any commercial, internal, or production use now requires a paid license. In other words, after April 16, 2019, you could still download Oracle JDK for free, but only legally use it in development or non-business personal use. Using Oracle’s JDK in business operations without a subscription now violates the license. This pushed many organizations to either buy subscriptions or switch to alternative Java distributions.
  • 2019–2020 – Audit Crackdown: Oracle’s License Management Services ramps up enforcement. By early 2020, Oracle began aggressively auditing organizations for their use of Java. Companies that had never paid for Java received audit letters and “soft audits” (informal compliance checks) pressuring them to purchase subscriptions. Oracle was serious about monetizing Java usage, and it knew Java was widely deployed on enterprise servers and desktops. The risk of surprise license fees skyrocketed during this period.
  • Sept 2021 – Java 17 and No-Fee License (NFTC): With Java 17 (an LTS release), Oracle made a surprising concession: it introduced the No-Fee Terms and Conditions (NFTC) license​. Oracle JDK 17 and later will be free for all users, including those in commercial and production use, but only for a limited time. Under NFTC, the latest Long-Term Support (LTS) version (Java 17 at the time) could be used in production at no cost, with free updates guaranteed for up to one year after the next LTS release. This was Oracle’s response to community backlash – effectively a “free Oracle JDK” for those who stay on the newest version. Important: Older versions (Java 8, 11) did not become free; they still required a subscription for updates​. Oracle was encouraging customers to upgrade to Java 17 to enjoy free usage, although it was only temporary.
  • Jan 2023 – New Per-Employee Subscription: Oracle overhauls its subscription model, replacing processor and user licensing with an enterprise-wide per-employee metric (Java SE Universal Subscription). Now, companies must license all employees, including part-time and contract workers, for Java, regardless of how many use it. This functions like an unlimited site license – you can deploy Java anywhere, but you pay for every employee in the organization. Oracle’s list price was around $15 per employee per month for smaller firms, with volume discounts as low as $5 for very large enterprises. Example: A mid-sized company with 500 employees would pay about $7,500 per month (~$ 90,000 per year) at list pricing. This new model massively increased costs for companies that previously only licensed a subset of users or specific servers. Gartner analysts noted the price jump: $15 per employee vs. the old $2.50 per user or $25 per processor per month – a 400%–500% increase in many cases. Naturally, this sparked outrage among Java customers.
  • Late 2023 – Free Java 17 Ends: By September 2023, Java 21 (the next Long-Term Support, or LTS, release) was released, and Oracle confirmed that Java 17’s free update period would end one year later, in September 2024. After that, Java 17 would no longer receive free patches – organizations would need to either upgrade to Java 21 (the new free long-term support version under NFTC) or start paying for a Java 17 subscription. In other words, the “free ride” for Java 17 was expiring, on schedule. Oracle reiterated that NFTC is meant as a stop-gap for those who always stay on the latest Java. Enterprises that stick with an older LTS in the long term will eventually have to pay.
  • 2024–2025 – Compliance Pressure Intensifies: Oracle is now fully enforcing the new rules. Audits (both formal and informal) continue to rise, targeting even mid-sized firms for Their use of Java. There are reports of Oracle audit claims in the millions of dollars for large enterprises out of compliance. Oracle’s sales teams are pressuring customers with legacy Java subscriptions to switch to the employee-based model at renewal​. In short, any organization still running Oracle Java without a proper license (or hoping to cling to an old agreement) should expect Oracle to come knocking with an ultimatum.

Oracle Java License Models Explained

Oracle has used several license models for Java over time. It’s crucial to understand what each one means, since compliance (and cost) depends on the license your Java version falls under.

The four key models are:

  • BCL (Binary Code License) – Sun’s original license for Java (continued by Oracle until 2019).
  • OTN (Oracle Technology Network) License – Introduced in 2019, restricts free use to specific purposes.
  • NFTC (No-Fee Terms and Conditions) – Introduced in 2021, allows free use of current Java versions for a limited time.
  • Oracle Java SE Subscription – Oracle’s commercial licensing (paid support) model, launched in 2018 and revamped in 2023.

Below is a comparison of these license types, their terms, and which Java versions fall under them:

License ModelJava Versions UsedFree Production UseKey RestrictionsSupport & Updates
BCL (Binary Code License)Java 6, Java 7, Java 8 (through 8u202)
Sun/Oracle license pre-Apr 2019​.		Yes – Free for commercial and production use.No fees required for runtime use on desktops or servers. Redistribution allowed only if bundled with applications, and certain bundled tools (Flight Recorder, etc.) required a commercial license from 2013 onward​.Oracle provided free public updates until end-of-life for each version. After public EOL, security patches required a support contract (optional). Java 6/7 are long out of support; Java 8 public updates ended Jan 2019.
OTN (Oracle Tech Network)Java 8 (8u211 and later), Java 11 (all releases), Java 17 (patches after free period), future older LTS patches​.NoProduction or any internal business use requires subscription.Free use only for: personal (non-commercial on a personal device), development, testing, prototyping, and demonstration​. All other uses (running business applications, embedding in production systems) are prohibited without a paid license​. Effectively, Oracle JDK under OTN is “free to download, not free to run” in a company.Oracle continues to publish updates (security fixes, etc.) on OTN, but those updates are only legally usable for the permitted non-production purposes. Organizations needing updates for production must buy a Java SE Subscription (which grants access via Oracle Support)​.
NFTC (No-Fee Terms)Java 17 (initial release through Sept 2024), Java 21 (through Sept 2026), and all non-LTS versions after Java 17 during their supported life​.Yes (Temporarily) – Free for all uses (including commercial production) until the end of the defined no-fee period.NFTC grants “free use for all users” of the current Java release​. Time-limited: Free updates are provided only until one year after the next LTS release​. After that, the license for new updates reverts to OTN (no free production use)​. Also, NFTC does not allow you to redistribute Oracle’s Java for a fee, and it excludes certain add-ons (e.g. the Java Management Service and advanced features are not included without subscription)​.Oracle provides free security updates for NFTC-licensed versions during the no-fee period. There is no Oracle support contract with NFTC – it’s just free binaries and updates. After the free period ends, no further free patches; you must either upgrade to the next LTS to stay on NFTC free track, or pay for a Subscription to continue getting updates on the older version​.
Java SE SubscriptionAll Java versions (for paying customers). Original model (2018–2022) used per-Processor and per-User metrics; universal model (2023+) uses per-Employee licensing​.N/A (Paid License) – A subscription is the commercial license. It grants the right to use Java in production and includes support/updates. No free use except what’s allowed under separate OTN/NFTC for those who choose not to subscribe.Under the current (2023) Java SE Universal Subscription, you must count all employees in your organization when subscribing​. Partial licensing (e.g. covering only certain servers or users) is no longer offered​. Every employee and contractor is counted, even if only a handful actually use Java – a true enterprise-wide license. The older subscription model (pre-2023) allowed smaller scope (e.g. 100 Named Users or specific processors), but Oracle is phasing that out at renewals.Subscription gives you access to all patches and updates for all Java versions you are licensed for, plus Oracle support. As long as you pay, you get ongoing security updates even for older versions (Java 8, 11, etc.) via Oracle Support​. If you stop subscribing, you lose access to new updates. Cost: Pre-2023 was ~$2.50 per user or $25 per processor per month​. Now (2023) roughly $15 per employee per month (with volume discounts down to ~$5)​ – a much higher cost for most.

Note: OpenJDK (GPL license) is the free, open-source reference implementation of Java, available since Java 6, with significant contributions from Oracle. Many organizations have turned to OpenJDK builds (from Oracle or third parties) to avoid Oracle’s commercial licenses.

While functionally equivalent, OpenJDK releases often have shorter support windows or come from vendors like Red Hat, Azul, Amazon, and others, with their update timelines.

BCL – The Old “Free Java” License (Java 6–8)

The Binary Code License (BCL) was the standard license for Java SE before 2019. Under Sun/Oracle’s BCL, companies could use the Java runtime in production at no cost. Java SE 6, 7, and early updates of Java SE 8 were covered by the BCL, allowing for free commercial use.

There were a few strings attached – you couldn’t resell Java itself or modify it. Starting in 2013, some advanced features required separate licensing. Essentially, Java was treated as free infrastructure, much like companies use free Linux distributions. Oracle continued to release public Java updates on its website, which anyone could download and apply.

The pitfall: BCL created a false sense of security that “Java is free forever.” Companies got used to not tracking Java usage or budgeting for it.

When Oracle abruptly changed course in 2019, many IT departments were unprepared – they had Java on thousands of servers and PCs with zero licenses on record, exposing them to compliance nightmares.

OTN – Oracle’s Restricted Free License (Java 8 & 11)

The Oracle Technology Network (OTN) License for Java SE, introduced in April 2019, radically changed what “free” meant. Under the OTN agreement, Oracle JDK could be downloaded without cost, but free usage was strictly limited to: personal use, or development, testing, prototyping, and demonstration purposes​.

Using Oracle Java for any internal business applications or production workloads now requires a paid subscription. In plain terms, if you’re using Oracle’s JDK to run your corporate software, you must pay – otherwise, you’re violating the license.

Java 8 updates released after April 2019 were under OTN. Java 11 (the 2018 LTS) was only available under OTN, with no free commercial use.

Many administrators continued to update Java 8 or deploy Java 11, unaware that the license had changed. If they installed an Oracle Java 8 update, such as 8u211 or later, on a production system without a subscription, they were out of compliance. Oracle’s audits quickly homed in on these cases.

Common mistake: assuming that because Java software is free to download, it’s free to use. Oracle’s OTN license flips that – you can download the JDK and use it for development testing at no cost, but the minute it’s used to run business operations, you need to pay.

This “free for dev, pay for prod” model caught teams off guard, especially if the folks downloading patches weren’t the ones reading Oracle’s fine print.

NFTC – No-Fee Terms and Conditions (Java 17 & 21)

The NFTC license is Oracle’s attempt to offer a middle ground: free use of Java for everyone, but with a catch on the timeline. Starting with Java 17 (September 2021), Oracle offers the latest Java release under “No-Fee Terms and Conditions,” meaning you can use that Java version in production without paying Oracle.

This was a significant policy reversal – Oracle essentially made Java 17 free, and Java 21, released in 2023, is also free under NFTC. However, the NFTC free usage is temporary. Oracle provides free updates for an LTS release only for one year after the next LTS is released. After that, any further updates for that version will require a paid license, as Oracle switches those updates back to the OTN/commercial channel​.

In practice, NFTC means you can always run the latest LTS Java for free, but if you stay on an older LTS too long, you’ll have to start paying or upgrade. For example, Java 17 was released for free in 2021, and Oracle released updates under the NFTC.

Once Java 21 had been out for a year (i.e., Sept 2024), Oracle halted free Java 17 updates. Any organization still using Java 17 after that point must either upgrade to Java 21 (now the free version) or purchase a subscription to continue receiving patches for 17.

The same will happen with Java 21 when Java 25 is released – free updates will stop one year later (September 2026).

NFTC has no restrictions on use during its free period – it’s free for production, commercial use, and anything else. Oracle even removed the click-through license on downloads to make automation easier​.

The only restrictions are that you can’t redistribute Oracle’s binaries for a fee, and certain enterprise features are not included (they require a separate subscription).

Notably, NFTC is not an altruistic move; it’s designed to keep developers using Oracle’s JDK instead of switching to OpenJDK builds, hoping that when the free period ends, some will pay for support rather than migrate again.

Risk: NFTC can lull you into thinking “Oracle made Java free again.” Yes, it’s free right now if you’re on the latest release. But it’s a treadmill – you must keep upgrading your Java version promptly at each major release to stay in the free zone.

If your organization can’t upgrade every two years, you’ll face a gap where you need to pay Oracle for extended support. CIOs should ensure that development teams have a clear upgrade strategy if they rely on NFTC; otherwise, budget for a subscription when the free period ends.

Oracle Java SE Subscription – Paid Licenses (2018 to Present)

An Oracle Java SE Subscription is a commercial contract that grants your company the legal rights to use Java in production and receive updates and support.

Oracle introduced subscriptions in 2018 as a way to monetize Java, initially offering them on a per-processor basis for servers or per-named user for desktops.

Companies that needed to stay on older Java versions, such as Java 8 after 2019 or Java 11, had to purchase these subscriptions to remain compliant and receive security patches.

Original Subscription Model (2018–2022): Many enterprises purchased Java SE subscriptions when Java 8’s free updates stopped. Oracle’s price list (now removed from public sites) was approximately $25 per month per processor for server licensing and $2.50 per month per named user for desktops.

These licenses could be bought for just the systems or users that needed Java. For example, if you had four server CPUs running Java apps, you would pay around $100 per month; or if 100 employees needed Java on their PCs, you would pay around $250 per month. While not cheap, it was at least scoped to actual usage.

New Universal Subscription (2023–Present): Oracle killed the per-CPU/per-user model in January 2023, replacing it with a Java SE Universal Subscription that uses a per-employee metric. Under this scheme, if you need an Oracle Java license, you must count every employee in your organization (plus equivalents, such as contractors) as a licensed user, even if 95% of them never use Java. It’s an all-or-nothing enterprise license.

The cost, at least, is $15 per employee per month for smaller organizations, with volume discounts bringing it closer to around $5 at very large scales. That means even a mid-size company can be looking at six-figure annual costs for Java.

One IT manager in the field lamented, “We have thousands of computers, and only about 300 of them have Java installed, yet Oracle is trying to make us pay a license for all of them.” This highlights the drastic jump in cost – Oracle now charges based on total headcount, not actual Java usage.

For those with existing subscriptions under the old model, Oracle will honor them until the term ends​. But at renewal time, Oracle sales will strong-arm you into the employee model – reports indicate Oracle often refuses to renew legacy Java agreements and forces customers onto the new metric. In essence, the flexibility to license just part of your environment is gone; Oracle wants the big enterprise-wide deal or nothing.

On the positive side, a Java SE subscription (legacy or universal) covers all versions of Java you might need. Paying Oracle’s subscription grants you rights and support for Java 8, 11, 17, 21, etc. on an unlimited number of devices, as long as you’ve paid for the appropriate number of licenses​. It’s like an all-you-can-eat plan, priced by company size. Also, Oracle’s subscription includes advanced features, such as “Java SE Advanced” features like Flight Recorder, the Java Management Service, and long-term patch support, which you don’t get with NFTC.

The trade-off is between cost and convenience: Oracle’s new model greatly simplifies compliance (by counting employees), but often increases the price. Companies that previously paid for 100 Java users now have to pay for 1,000 employees, for example. Oracle’s goal, of course, is maximizing revenue, and many firms are re-evaluating whether they need Oracle’s Java at all, given this price hike.

Impact on Budgeting, Audit Risk, and Vendor Negotiation

Java licensing is no longer a minor IT detail – it’s a budget line item and a compliance risk that CIOs and CFOs must actively manage. Here’s how these licensing changes translate into business impact:

  • Budget Shock: Organizations that treated Java as a free utility now face substantial recurring costs. Depending on the company’s size, Java SE subscription fees can range from hundreds of thousands to millions of dollars annually. For instance, a company with 2,000 employees would be quoted around $24,000 per month ($12 per employee) under the new model, which is roughly $ 288,000 per year. This is money that was likely not in the IT budget a few years ago. Such unplanned expenses directly hit the bottom line and divert funds from other projects. CFOs have been caught off guard when Oracle audits reveal widespread Java usage that requires licenses. You don’t want to be the executive explaining a six-figure true-up for “free Java” that wasn’t free.
  • Audit Risk: Oracle has become extremely aggressive in auditing Java usage. According to Gartner, in 2022, over 50% of Oracle’s compliance audits focused on Java – a startling figure that shows Oracle is actively seeking Java revenue. Oracle’s audit tactics range from formal audits to “soft audits” (friendly outreach from Oracle representatives inquiring about your Java usage, which can be a fishing expedition). They have access to download logs and can see if your company downloaded patches from Oracle’s site​. Non-compliance can lead to a horrifying bill: “reports of audit claims in the millions” for large firms that are out of compliance. Oracle often uses the threat of back-billing to pressure companies into signing a subscription now, waiving past fees if they commit to going forward​. The bottom line is that running Oracle JDK without proper licensing is a risky move. The audit will come, and it will not be friendly. CIOs need to treat Oracle Java like any other software asset – manage it, or it will manage you.
  • Vendor Leverage and Lock-In: Oracle’s evolving terms are designed to lock in customers and maximize revenue. The shifting licenses (from OTN to NFTC to employee-based subscriptions) can be seen as “bait and switch” by some. E.g., free use of Java 17 lured companies into upgrading, only for Oracle to demand payment later if they didn’t keep up with updates. This puts customers at a negotiation disadvantage; Oracle holds the cards if you’re dependent on their Java builds. In negotiations, Oracle may bundle Java subscriptions with other deals or offer discounts if you commit to Oracle Cloud or other products. However, since the new model is all-encompassing, negotiating a smaller scope for Java is no longer an option. Your best leverage is the ability to walk away – i.e,. Demonstrate that you can migrate off Oracle Java (to OpenJDK or another vendor). Oracle knows that migration is an effort, and they bank on many companies just paying the fee for convenience. To negotiate effectively, CIOs should be prepared to say, “We don’t need Oracle’s Java – we have alternatives.” Only then might Oracle reconsider its pricing or terms to keep your business.
  • Internal Process Changes: These licensing changes also force changes in IT management. Many organizations have had to implement stricter controls on Java deployments. For example, blanket policies like “do not download Oracle JDK from the website for production use” are now common. Instead, use approved open-source builds or have a central team manage Oracle JDK if it is used. Asset management processes must include Java runtime tracking on all servers and endpoints. The days of Java being silently included in apps without anyone noticing are over – now every installation is a potential financial liability if not licensed. This adds overhead for IT teams, but it’s necessary overhead.

Common Pitfalls to Avoid:

  • “We thought Java was free.” – This mindset is hard to shake off, given that it was true for many years. It’s crucial to educate all stakeholders that Oracle Java is not free for commercial use, except in specific cases. Failing to update this assumption is the root of most compliance issues.
  • Ignoring Oracle’s announcements. – Oracle does announce these changes (e.g., the end of free updates, new pricing model). Still, if your organization doesn’t have a practice of monitoring Oracle’s Java updates, you can miss them. Always keep an eye on Oracle’s Java SE support roadmap.
  • Assuming nobody will notice an unlicensed Java Virtual Machine. – Some admins think, “It’s just Java, who is going to audit that?” The answer is Oracle. As noted, Oracle is checking, and they have automated scripts and records to track usage. One hidden Java instance can trigger a full-blown enterprise audit.
  • Late planning for upgrades. – If you choose to stay on Oracle’s free NFTC track, you must proactively plan to upgrade to each new LTS promptly. If you wait until after your version’s free period lapses, you’ll be stuck either scrambling for an upgrade under duress or paying Oracle for extended support. Neither is pleasant.
  • Not quantifying your Java footprint. – Many firms don’t have an inventory of where Java is installed (on what servers, what applications). This is dangerous – you can’t manage or license what you don’t know you have. We’ve seen cases where a random developer installed Oracle JDK on a build server or a VM, and an audit turned that into a license obligation for the entire company under the employee metric. Scan your environment thoroughly for Java installations to avoid surprises​.

Real-World Examples of Licensing Surprises

Real enterprises have felt the pain of these changes. Here are a few anonymized examples that mirror common situations:

  • The Java 8 “Free Update” Trap: A global manufacturer had standardized on Java 8 and routinely applied security updates. Oracle’s January 2019 end-of-free-updates slipped past their radar. In 2020, Oracle approached them for a license review. It turned out they had deployed multiple Java 8 updates from 2019 and 2020 on hundreds of servers. Oracle’s position: each instance required a subscription once the updates were beyond the free date. The company had to purchase a Java SE Subscription for thousands of processors retroactively. Oracle leveraged the fact that they were out of compliance to push a multi-year deal. The CIO later acknowledged that they were “caught completely off guard” by Oracle’s policy change and vowed never to assume “free” meant free without checking the license again.
  • Audit Sticker Shock under Employee Licensing: A mid-sized financial services firm (approximately 2,000 employees) received an Oracle license audit letter in 2023, focusing on Java. They had some Oracle databases but had never paid for Java. During the audit, Oracle found Oracle JDK installed on 50 application servers and ~300 developer workstations. Under the old model, they might have needed ~50 processor licenses and 300 user licenses. But Oracle had moved the goalposts: they were told they needed to license all 2,000 employees. The quote came to around $ 24,000 per month – roughly a 1,400% increase over what an older Java deal would have cost. After tense negotiations (and considering migrating to OpenJDK), the firm received a slight discount on the per-employee rate but still ended up paying around $ 20,000 per month. This unexpected hit to the IT budget prompted the CFO to implement a new policy: any Oracle license agreement now requires C-level approval, following the “surprises” they encountered during the auditing.
  • Staying on the Free Track – and Keeping Up: A SaaS company decided to avoid Oracle fees by always using the latest Java Long-Term Support (LTS) version under NFTC. They were on Java 17 in early 2023. As Java 21’s release approached, they planned a rapid adoption. Despite their planning, they ran into delays testing their application on Java 21 and weren’t ready to deploy it until mid-2024. For a few critical months, they faced the possibility of Java 17 going out of free support (September 2024) before they fully moved to 21. This created internal urgency and sparked some heated debates between engineering, who wanted more testing time, and management, who saw the dollar signs if they missed the deadline. They managed to upgrade in time, but the lesson was clear: using Oracle’s free option requires constant vigilance and fast upgrade cycles. Not every enterprise has the agility to do this – those that don’t may end up having to pay Oracle or run unsupported Java, both risky propositions.
  • “We’ll Just Not Use Oracle JDK” – Easier Said Than Done: Another large enterprise attempted to purge Oracle Java entirely and switch to OpenJDK builds across the board to sidestep licensing. Mid-project, they discovered several third-party vendors (including an old ERP system and some network management tools) embedded Oracle’s JRE in their installers. Even though the company’s policy was not to use Oracle Java, they inadvertently had Oracle’s runtime present on many systems due to vendor software. In an audit, Oracle can still claim that those installations require licensing because the company is “using” Oracle Java, even though it got it there. The company had to work with those vendors to either get off Oracle’s JRE or ensure the vendors’ agreements covered the usage. The moral: you might be using Oracle Java in your environment even when you think you aren’t – all it takes is one packaged app that bundles it. Software asset management teams must watch for this and hold vendors accountable (or carve out indemnification) so you don’t get stuck with an unexpected bill.

Recommendations

CIOs and CFOs must take a proactive stance on Java licensing. Here are specific, actionable steps to protect your organization:

  • Audit Your Java Usage Immediately: Inventory every instance of Java across your servers, VMs, desktops, and even build pipelines. Determine which are Oracle’s Java (JDK/JRE) versus open-source versions. You cannot make informed decisions or negotiate if you don’t know where Java is running in your estate. Don’t forget to check less obvious places, such as older applications, installer packages, or appliances that may include Java. This groundwork is non-negotiable.
  • Decide on Oracle JDK vs OpenJDK (or Both): Evaluate whether you need Oracle’s Java binaries. In most cases, OpenJDK distributions can replace Oracle JDK with minimal or no code changes, as they are essentially the same codebase. Many organizations have successfully migrated to free OpenJDK builds from vendors like Eclipse Adoptium, Amazon Corretto, and Azul Zulu​, eliminating Oracle licensing fees. If you have applications that require Oracle JDK specifically, identify them. Otherwise, plan to standardize on OpenJDK to reduce risk and cost. Even if you stick with Oracle for some mission-critical systems, reducing Oracle Java footprint elsewhere will limit your exposure.
  • Establish a Clear Java Update Policy: If you choose to use Oracle’s NFTC (no-fee) for the latest LTS, ensure your organization is prepared for rapid upgrade cycles. Plan upgrades so that you can migrate to Java 21, 25, 29, etc., within the free support window. This may involve refactoring applications to ensure compatibility or using containerization to encapsulate Java versions. The key is to avoid getting stuck on an older version after its free period ends. If your business can’t tolerate frequent upgrades, then assume you’ll need a paid subscription at some point – budget for it rather than being caught off guard last minute.
  • Budget for Java (No More Free Ride): Gone are the days of Java as a zero-cost line item. If you determine that staying on Oracle Java is necessary (or you want Oracle’s support), allocate funds for it as a recurring operating expense (OPEX). Use Oracle’s pricing (e.g., $15/employee/month list price) to estimate the worst-case scenario, then negotiate from there. It’s better to have a budget and reduce it via negotiation than to be blindsided by a huge unbudgeted liability. Also consider third-party Java support options, such as those from Red Hat or Azul, which may be more affordable if you require long-term support for a specific Java version.
  • Harden Your Procurement and Download Processes: Institute policies such as “No Oracle software downloads without license approval.” Many companies now route all Oracle downloads, including Java, through a request process so that Legal and Procurement can ensure the usage is covered. Developers and IT staff should be educated: do not download the Oracle JDK from the Oracle Java website and install it in production without proper guidance. If Oracle’s JDK is needed for a valid reason, have a central team manage those installations and keep track of them. This prevents well-meaning employees from unknowingly putting you out of compliance.
  • Use Oracle’s Audits to Your Advantage (Strategically): If Oracle comes knocking about Java, don’t panic and immediately buy whatever they’re selling. Engage your software asset management and legal teams. Oftentimes, Oracle’s initial quote for an audit resolution is highly inflated – they expect negotiation. Consider engaging a third-party licensing specialist or firm experienced in Oracle audits to help craft your response and push back. You may be able to reduce the scope (e.g., prove that not all employees should count) or get concessions. Also, leverage the possibility of migrating away: Oracle would rather lock you in at a discount than lose you entirely. Be willing to walk away or migrate if the deal isn’t acceptable – that is your strongest leverage.
  • Negotiate Multi-Year and Bundling for Discounts: If you do enter a subscription, negotiate aggressively. Oracle’s sales reps have some flexibility, especially if this subscription is part of a larger deal. See if you can align Java subscription renewal with other Oracle contracts to use as a bargaining chip. For example, negotiating Java as you renew an Oracle Database agreement might get you a better rate in exchange for a broader Oracle spend commitment. Aim for volume tiers – if you’re near a tier threshold (say 5,000 employees), push for the next price band. Oracle’s public rates ($15 down to $5) ​indicate significant volume discounts, so don’t settle for list price if you have bargaining power.
  • Monitor Oracle’s Roadmap: Oracle’s licensing tactics can evolve. For instance, the next LTS (Java 25 in 2025) will likely continue the NFTC scheme, but Oracle could change tune based on market pressure. Keep an eye on official Oracle announcements, Java blog updates, and analyses from firms like Gartner or licensing consultants. Being forewarned of a change (like the 2023 pricing overhaul) gives you more lead time to respond.
  • Consider Third-Party Java Support: If you need long-term support for an older Java version but want to avoid Oracle, note that vendors like Azul, Red Hat, and others offer support for their OpenJDK builds, often at a lower cost than Oracle. You could, for example, migrate to Red Hat’s build of OpenJDK 8 or 11 and purchase a support contract from Red Hat for updates, potentially saving money versus Oracle’s subscription. This is a form of vendor diversification to reduce Oracle lock-in.
  • Stay Compliant, but Don’t Overpay: The goal is to avoid Oracle’s audit crosshairs while minimizing your spend. That might mean purging Oracle JDK where you can, paying for it where you must, and always having a clear picture of your exposure. Non-compliance is far costlier than the effort to maintain compliance. Make Java licensing a regular item in your IT governance reviews. In short: treat Java like the commercial software it has become.

By following these recommendations, you’ll turn Java from a potential compliance minefield into a managed asset. The key is not to treat Oracle Java as an afterthought – manage it proactively with the same rigor you manage databases or other licensed software.

Oracle has shown it is eager to enforce and capitalize on Java use​, so an informed, disciplined approach is your organization’s best defense. The CIO and CFO should collaborate on this: it’s both an IT architecture issue and a financial risk issue.

Above all, don’t assume anything about Java licensing without verification – read the fine print, and when in doubt, seek expert advice. In the era of Oracle’s Java, vigilance pays off (literally).

Author

  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.

    View all posts