Errors removing CAs that don’t exist, or adding ones that do
Bug #244412 reported by
Anders Kaseorg
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ca-certificates-java (Debian) |
Fix Released
|
Unknown
|
|||
ca-certificates-java (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: ca-certificates
Running ‘sudo dpkg-reconfigure ca-certificates’ and deleting a certificate gives me this error:
Running hooks in /etc/ca-
Adding it back gives me this error:
Running hooks in /etc/ca-
Do you still want to add it? [no]: keytool error: java.lang.
Furthermore, because the jks-keystore hook begins with ‘set -e’, if there is an error on the first certificate, all the later changes in the same run are ignored.
Changed in ca-certificates-java: | |
status: | Unknown → New |
Changed in ca-certificates-java: | |
status: | New → Confirmed |
Changed in ca-certificates-java: | |
status: | Confirmed → In Progress |
Changed in ca-certificates-java: | |
status: | New → Fix Released |
To post a comment you must log in.
Actually, I also get an error adding any certificate, even if it doesn’t already exist.
Running hooks in /etc/ca- certificates/ update. d....Owner: OU=MIT Certification Authority, O=Massachusetts Institute of Technology, ST=Massachusetts, C=US IllegalArgument Exception
Issuer: OU=MIT Certification Authority, O=Massachusetts Institute of Technology, ST=Massachusetts, C=US
…blah blah blah…
Trust this certificate? [no]: keytool error: java.lang.
I think the -trustcacerts and/or -noprompt options need to be passed to keytool to fix this.