ca-certificates-java fails to install java cacerts

Thank you for using Ubuntu and reporting a bug.

I am unable to reproduce this. I tried various ways to reproduce this, all resulting in /etc/ssl/certs/java/cacerts in the end. Specifically:

* Install 20110912ubuntu3 - upgrade to 20110912ubuntu3.2: ok
* Install 20110912ubuntu3 - upgrade to 20110912ubuntu3.1 - upgrade to 20110912ubuntu3.2: ok
* Install 20100412 (what is in 11.04; failed on install, but cacerts still there) - upgrade to 20110912ubuntu3 - upgrade to 20110912ubuntu3.2: ok
* Install 20100412 (what is in 11.04; failed on install, but cacerts still there) - upgrade to 20100412ubuntu0.11.04.1 (failed on install, but cacerts still there) - upgrade to 20110912ubuntu3.2: ok
* Install 20110912ubuntu3 - perform 'rm /etc/ssl/certs/java/cacerts' - upgrade to 20110912ubuntu3.2: ok

Before installing an earlier release I would do 'sudo dpkg --purge --force-depends ca-certificates-java' and verify that /etc/ssl/certs/java/cacerts no longer exists.

Can you detail the exact steps to reproduce? Could your disk be full, have filesystem errors or somehow was remounted ro?

FYI, this should probably get your system back in working order:
$ sudo dpkg --purge --force-depends ca-certificates-java ; sudo apt-get install ca-certificates-java

Also, what are the contents of the /etc/ssl/certs/java/ directory?

I can say that if I do this:
$ rm /etc/ssl/certs/java/cacerts
$ sudo apt-get install --reinstall ca-certificates-java

That /etc/ssl/certs/java/cacerts is *not* regenerated, but that is intended behavior from the packaging. Is it possible you accidentally removed /etc/ssl/certs/java/cacerts when 20110912ubuntu3.2 was installed? If so, perform the last command I mentioned in comment #1 and it should be all fixed up.

Thanks for taking the time to look into this!

I am currently examining my apt log to see what happened. Apparently, ca-certificates-java failed to install with the following:

Setting up ca-certificates-java (20110912ubuntu3.2.) ...
/var/lib/dpkg/info/ca-certificates-java.postinst: line 51: java: command not found
done.

This makes sense to me, since I previously did not have java, and I installed openjdk-7-jre-headless with ca-certificates-java at the same time. I am currently installing Oneiric i386 Desktop into a VM to try to reproduce this.

I reproduced this bug by installing a fresh install from the Oneiric i386 desktop iso and updating all installed packages.

Using aptitude, I installed openjdk-7-jre-headless which depends on ca-certificates-java. Note that before the install, java is not available. The installation proceeded, except that java's cacerts failed to generate.

I haven't been able to reproduce this issue, but just want to mention that similar ones have been reported where it can be triggered by installing openjdk-8-jre-headless 8 (bug 1396760), or maven toghether with openjdk-8-jdk (bug 1406483).

Looks like it is possible to end up in a situation where it attempts to run the ca-certificates-java postinstall before java has actually been installed.

Status changed to 'Confirmed' because the bug affects multiple users.

Thank you to Jamie Strandboge (jdstrand) in comment #1: http://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/983302/comments/1 . This issue has been driving me nuts and nothing else I've tried has worked, but this fixed it instantly:

$ sudo dpkg --purge --force-depends ca-certificates-java

followed by

$ sudo apt-get install ca-certificates-java

Michael Alexander (ftmichael)'s fix worked for me!