The Changing Landscape of Java Licensing
For years, Java was freely available for business use under Sun/Oracle's Binary Code License. Enterprises deployed Oracle's JDK across servers, desktops, and development environments without cost concerns. That changed fundamentally in 2019 when Oracle introduced new licence terms requiring paid subscriptions for certain Java releases — effectively creating a "Java tax" on enterprises that had built their technology stacks on the assumption that Java would always be free.
Many companies were caught off-guard. Organisations that had been running Oracle Java 8 in production discovered that continuing to use it beyond update 8u202 suddenly required a paid subscription. They had assumed Java would always be free, and this announcement created immediate compliance exposure and budget concerns across entire IT estates.
Which Versions of Java Are Free (and Which Are Not)
All Java versions have a free implementation available through OpenJDK and other providers. However, whether Oracle's JDK for a given version is free depends on the specific version and the licence under which it was released.
| Java Version | Oracle JDK Free? | Details |
|---|---|---|
| Java 7 and earlier | Yes (legacy) | Free under the old Binary Code License. No free updates available — end-of-life. |
| Java 8 (LTS) | Partially | Free for updates up to 8u202. Updates 8u211+ require a paid subscription. Still free for personal/dev use. |
| Java 11 (LTS) | No | Not free for production under Oracle's OTN licence — requires subscription. Use an OpenJDK 11 build to avoid fees. |
| Java 17 (LTS) | Temporarily | Free under Oracle's NFTC licence until approximately September 2024. Updates beyond that require payment. |
| Java 21 (LTS) | Temporarily | Free under NFTC until approximately September 2026. Likely requires payment for updates beyond that point. |
| Non-LTS releases | No | Oracle JDK required subscription for these short-term versions. Short support cycles — generally avoided in production. |
📚 Related Reading
Free Java Alternatives to Oracle's JDK
Oracle is not the only source for Java. Several free JDK distributions based on the same OpenJDK codebase are available from reputable providers. These distributions are functionally equivalent to Oracle's JDK — they pass the same TCK (Technology Compatibility Kit) tests — but are released under open-source licences with no commercial use restrictions.
| Distribution | Provider | Support Highlights |
|---|---|---|
| Oracle OpenJDK | Oracle | Free, open-source build. Updates stop once the next Java version is released — limited support window. |
| Eclipse Temurin | Eclipse Foundation (Adoptium) | Free and open-source. Community provides long-term updates for LTS versions through the Adoptium project. |
| Amazon Corretto | Amazon Web Services | Free. Amazon provides multi-year support for LTS releases. Used internally at AWS and maintained for public use. |
| Azul Zulu (Community) | Azul Systems | Free community builds for many Java versions including older ones. Extended community updates; paid support available. |
| Microsoft Build of OpenJDK | Microsoft | Free. Microsoft provides LTS support for Java 11, 17, and 21. Optimised for Azure but works everywhere. |
| IBM Semeru | IBM | Free. Based on Eclipse OpenJ9 JVM. Optimised for cloud and container workloads with lower memory footprint. |
Drop-In Replacements — No Code Changes Required
Free OpenJDK-based distributions are virtually identical to Oracle JDK in features and API compatibility. Many enterprises use Temurin, Corretto, or Zulu as drop-in replacements with no code changes required. By standardising on one of these company-wide, you eliminate Oracle Java licence fees entirely. The only consideration is ensuring you have a plan for applying security updates — either in-house or through a support vendor — since you won't receive patches from Oracle.
Need help migrating off Oracle Java? Get expert advisory support.
Java Advisory →Cost and Compliance Risks for Enterprises
Using Oracle's Java without a proper licence poses significant compliance and financial risk. Oracle now actively audits companies for Java usage, and its per-employee licensing model means even a small unauthorised Java deployment can result in fees calculated against your entire workforce — not just the systems actually running Java.
The bottom line: eliminate or strictly control any use of Oracle's JDK in your environment. If you do use Oracle Java, ensure it falls within a free-use allowance or that you have purchased the required subscription. In most cases, migrating to free Java alternatives is safer and more cost-effective than managing Oracle Java compliance risk.
| Risk Scenario | Why It Matters |
|---|---|
| Oracle Java on many systems | Under Oracle's per-employee model, widespread Oracle JDK use could force you to licence your entire workforce — a massive, often multi-million-dollar expense. |
| Using Java past free updates | Running Oracle Java beyond its last free patch (e.g., 8u211+, 11.0.x+) counts as unlicensed usage, risking back-dated fees if audited. |
| Unapproved Oracle JDK installs | "Rogue" installations via Oracle's download site or auto-update can appear without IT awareness. These put the entire company out of compliance. |
| Java embedded in third-party apps | Some software vendors bundle Oracle's Java with their products. If that usage isn't covered by the vendor's licence, you are responsible — a hidden trap. |
| Out-of-support Java versions | Old Java versions (6, 7, 8) in production without security updates create vulnerabilities and will be red flags in any audit. |
Recommendations
🟢 Do This
- Standardise on a free OpenJDK distribution (Temurin, Corretto, or Zulu)
- Block Oracle's JDK download site on your corporate network
- Provide approved Java installers through internal software catalogues
- Scan all servers, VMs, and containers for Oracle JDK installations
- Monitor Oracle's Java licensing announcements proactively
- Plan Java upgrades to stay within free-use windows
🔴 Avoid This
- Assuming Java is still free for commercial use
- Ignoring Oracle JDK installations that fall outside free-use criteria
- Allowing developers to download Oracle JDK without approval
- Running Oracle Java past its last free patch without a subscription
- Overlooking Java bundled inside third-party vendor applications
- Waiting for an Oracle audit to address Java compliance
5-Step Action Checklist
- Identify all Java installations. Scan all servers, desktops, VMs, and containers. Inventory every Java instance — note the version, vendor, and update level for each installation across your entire environment.
- Verify licensing for each. Flag any Java installations that are Oracle's JDK and not clearly covered by a free-use allowance. Any Oracle Java version beyond its free update window or usage scope is a compliance exposure.
- Replace or licence. Uninstall or swap out any non-compliant Oracle JDK with a free OpenJDK equivalent. If you cannot replace it immediately, purchase the required Oracle Java subscription as a temporary measure while you plan migration.
- Prevent reintroductions. Block Oracle Java downloads in your environment. Provide only approved free Java builds through your internal software catalogue. Enforce policy so new projects and updates don't inadvertently bring Oracle's JDK back into use.
- Monitor and update. Track when each Java version's free period or support lifecycle ends and upgrade before then. Apply security updates from your chosen OpenJDK provider proactively to keep your Java environment secure and compliant.
Frequently Asked Questions
Q: Is Java still free for commercial use?
Java (OpenJDK) is free and open-source. However, Oracle's official Java distribution (Oracle JDK) is generally no longer free for commercial use since 2019. In practice, you can use Java without paying Oracle as long as you avoid Oracle's JDK or stick to the narrow scenarios where Oracle permits free use — such as during the NFTC licence period for certain LTS releases.
Q: Can we use Java 8 or Java 11 in production without paying Oracle?
Yes — if you use the right distribution. For Java 8, you can run it for free using Oracle's JDK up to update 202, or by using a free OpenJDK 8 build (such as Temurin or Corretto) for later updates. For Java 11, do not use Oracle's JDK 11 in production — it always requires a subscription. Instead, deploy a free OpenJDK 11 distribution to run your Java 11 applications with no fees.
Q: What is Oracle's per-employee Java licensing model?
Since January 2023, Oracle offers Java SE subscriptions priced per employee across your entire organisation — not just the users or systems running Java. This means even a single Oracle JDK installation can theoretically trigger licence fees for every employee in your company. This model is designed to maximise audit exposure and makes proactive migration to free OpenJDK alternatives the most cost-effective compliance strategy.
Q: Are free OpenJDK distributions really equivalent to Oracle JDK?
Yes. All major OpenJDK distributions — Temurin, Corretto, Zulu, Microsoft Build, IBM Semeru — are built from the same OpenJDK source code and pass the same compatibility tests (TCK). They are functionally identical to Oracle's JDK in features and performance. The only difference is the support model: Oracle provides support through paid subscriptions, while free distributions rely on community updates or vendor-provided support.
How Redress Compliance Helps with Java Licensing
Unsure About Your Java Compliance Exposure?
Oracle is actively auditing enterprises for Java usage — and its per-employee pricing model means even a small exposure can trigger fees for your entire workforce. Our Java advisory team helps organisations identify every Oracle JDK installation, assess compliance risk, develop migration strategies to free alternatives, and defend against audit claims. Get a confidential assessment before Oracle comes knocking.