2020-09-13 10:40:18 |
Stephen Fletcher |
bug |
|
|
added bug |
2020-09-14 02:44:55 |
Stephen Fletcher |
attachment added |
|
patch to ensure java cert store "/etc/ssl/certs/java/cacerts" is created correctly https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1895435/+attachment/5410590/+files/jks-keystore.patch |
|
2020-09-14 02:45:03 |
Stephen Fletcher |
attachment added |
|
patch to ensure java cert store "/etc/ssl/certs/java/cacerts" is created correctly https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1895435/+attachment/5410591/+files/jks-keystore.patch |
|
2020-09-14 02:45:50 |
Stephen Fletcher |
attachment removed |
patch to ensure java cert store "/etc/ssl/certs/java/cacerts" is created correctly https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1895435/+attachment/5410591/+files/jks-keystore.patch |
|
|
2020-09-14 02:48:32 |
Stephen Fletcher |
affects |
ca-certificates (Ubuntu) |
ca-certificates-java (Ubuntu) |
|
2020-09-14 02:57:22 |
Stephen Fletcher |
description |
Issue:
/etc/ssl/certs/ca-certificates.crt cannot update, such as when placing internal CA's into /usr/local/share/ca-certificates and attempting to update when ca-certificates package is installed on a fresh system.
Issue Description:
On a default install of ca-certificates the update-ca-certificates command fails as there is no
/etc/ssl/certs/java directory
org.debian.security.UnableToSaveKeystoreException: There was a problem saving the new Java keystore.
at org.debian.security.KeyStoreHandler.save(KeyStoreHandler.java:86)
at org.debian.security.UpdateCertificates.finish(UpdateCertificates.java:108)
at org.debian.security.UpdateCertificates.main(UpdateCertificates.java:54)
Caused by: java.io.FileNotFoundException: /etc/ssl/certs/java/cacerts (No such file or directory)
at java.base/java.io.FileOutputStream.open0(Native Method)
at java.base/java.io.FileOutputStream.open(FileOutputStream.java:298)
at java.base/java.io.FileOutputStream.<init>(FileOutputStream.java:237)
at java.base/java.io.FileOutputStream.<init>(FileOutputStream.java:126)
at org.debian.security.KeyStoreHandler.save(KeyStoreHandler.java:82)
... 2 more
E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
Workaround:
if [ ! -d "/etc/ssl/certs/java" ]; then
mkdir -p /etc/ssl/certs/java
fi |
Issue:
/etc/ssl/certs/java/cacerts cannot update when running /usr/local/share/ca-certificates and attempting to update when ca-certificates-java package is installed
Issue Description:
When /etc/ssl/certs/java is not available the update-ca-certificates fails with the following taceback:
org.debian.security.UnableToSaveKeystoreException: There was a problem saving the new Java keystore.
at org.debian.security.KeyStoreHandler.save(KeyStoreHandler.java:86)
at org.debian.security.UpdateCertificates.finish(UpdateCertificates.java:108)
at org.debian.security.UpdateCertificates.main(UpdateCertificates.java:54)
Caused by: java.io.FileNotFoundException: /etc/ssl/certs/java/cacerts (No such file or directory)
at java.base/java.io.FileOutputStream.open0(Native Method)
at java.base/java.io.FileOutputStream.open(FileOutputStream.java:298)
at java.base/java.io.FileOutputStream.<init>(FileOutputStream.java:237)
at java.base/java.io.FileOutputStream.<init>(FileOutputStream.java:126)
at org.debian.security.KeyStoreHandler.save(KeyStoreHandler.java:82)
... 2 more
E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
No updated /etc/ssl/certs/java/cacerts is created.
Workaround:
if [ ! -d "/etc/ssl/certs/java" ]; then
mkdir -p /etc/ssl/certs/java
fi |
|
2020-09-14 03:07:29 |
Stephen Fletcher |
attachment added |
|
Patch to recreate /etc/ssl/certs/java if missing with original permissions when jks-keystore hook run via update-ca-certificates https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1895435/+attachment/5410599/+files/jks-keystore.patch |
|
2020-09-14 03:08:03 |
Stephen Fletcher |
attachment removed |
patch to ensure java cert store "/etc/ssl/certs/java/cacerts" is created correctly https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1895435/+attachment/5410590/+files/jks-keystore.patch |
|
|
2020-09-14 04:12:14 |
Alex Murray |
information type |
Private Security |
Public |
|
2020-09-14 04:23:32 |
Ubuntu Foundations Team Bug Bot |
tags |
|
patch |
|
2020-09-14 04:23:38 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Review Team |
2022-06-28 11:43:54 |
Launchpad Janitor |
ca-certificates-java (Ubuntu): status |
New |
Confirmed |
|
2022-06-28 11:44:09 |
Philipp Wendler |
bug |
|
|
added subscriber Philipp Wendler |
2023-01-12 04:38:51 |
Vladimir Petko |
tags |
patch |
fr-3181 patch |
|