ca-certificates-jave fails to add certificates from TU Berlin
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ca-certificates-java (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: ca-certificates
happens since I added cert files from TU-Berlin ( http://
Link to Cert File http://
Recommende Installation for Ubuntu 10.04 (I'm using 10.10 Netbook Edition)
wget www.tubit.
mkdir -p /usr/share/
mv TU-Berlin_
echo tu-berlin.
update-
ProblemType: Package
DistroRelease: Ubuntu 10.10
Package: ca-certificates
ProcVersionSign
Uname: Linux 2.6.35-22-generic i686
Architecture: i386
Date: Thu Oct 21 08:36:21 2010
ErrorMessage: Unterprozess installiertes post-installati
InstallationMedia: Ubuntu-Netbook 10.04 "Lucid Lynx" - Release i386 (20100429.4)
PackageArchitec
SourcePackage: ca-certificates
Title: package ca-certificates
Also on lucid, I see something like this on our Ubuntu machines at the Sanger Institute; we have our own local CA, and the keytool invocation in the postinst script which attempts to add the certificate fails. I edited the postinst script to include set -x so that I could get something out of it, and noticed (1) that the init script deletes the temporary output file even if the script fails, which means that you can't see the errors. So, I changed it so that it doesn't delete the tempfile if there are errors, and this then showed me that the following part of the script execution path shows the error being generated:
+ LANG=C certs/java/ cacerts -providerClass sun.security. pkcs11. SunPKCS11 -providerArg '${java. home}/lib/ security/ nss.cfg' -noprompt -storepass changeit -alias genome_ research_ ltd_certificate _authority_ cert_pem -file /usr/share/ ca-certificates /sanger. ac.uk/Genome_ Research_ Ltd_Certificate _Authority- cert.pem ac.uk/Genome_ Research_ Ltd_Certificate _Authority- cert.pem' ac.uk/Genome_ Research_ Ltd_Certificate _Authority- cert.pem
+ LC_ALL=C
+ keytool -importcert -trustcacerts -keystore /etc/ssl/
+ grep -q 'Signature not available' /tmp/fileW2Zx2A
+ echo ' error adding sanger.
error adding sanger.
++ expr 0 + 1
+ errors=1
and the log entry says:
keytool error: java.security. ProviderExcepti on: Secmod module already configured
Google doesn't have much to say about this particular error. This is causing us serious issues, since it's causing dpkg and aptitude to fall over on most machines, perpetually trying to run the ca-certificates -java postinst script.