This seems to be a real issue and a duplicate of Ubuntu bug:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/2019908
The root cause is that java binary requires file
/etc/$jdk/security/java.security to be present, if this
file is not present, java will fail immediately with error:
Exception in thread "main" java.lang.InternalError: Error loading
java.security file
This is new behavior in Java 17+.
The current problem in ca-certificates-java is that the postinst script
requires a working
java binary to create the very java.security file (java.security is
create from shipped java.security.dpkg-new),
hence we have a circular problem. openjdk packages needs
ca-certificates-java to work, while postinst of
ca-certificates-java needs working java binary.
The fix from Ubuntu is to copy required file into place in the postinst
script
before running commands further down which uses java binary, something
like this:
# copy java.security to allow import to function
security_conf=/etc/java-${version}-openjdk/security
if [ -f ${security_conf}/java.security.dpkg-new ] \
&& [ ! -f ${security_conf}/java.security ]; then
cp ${security_conf}/java.security.dpkg-new \
${security_conf}/java.security
fi
This is not very elegant, however seems to work.
Could you please consider to apply this or other solution to fix this
problem?
- Terje
