This bug was fixed in the package ca-certificates-java - 20180516ubuntu1
ca-certificates-java (20180516ubuntu1) cosmic; urgency=low
* Merge from Debian unstable (LP: #1771815). Remaining changes:
- debian/control: Bump javahelper build dependency.
+ Explicitly depend on openjdk-11-jre-headless, needed to configure.
+ Replace javac arguments '-source 1.7 -target 1.7' with '--release 7'
as, per JEP-247, it also takes care of setting the right -bootclasspath
ca-certificates-java (20180516) unstable; urgency=medium
* Team upload.
[ Tiago Stürmer Daitx ]
* debian/jks-keystore.hook.in: don't create a jvm-*.cfg file, a default file
with the right configuration is already supplied by the openjdk packages.
* debian/jks-keystore.hook.in, debian/postinst.in: Only export JAVA_HOME
and update PATH if a known jvm was found.
* debian/postinst.in: Detect PKCS12 cacert keystore generated by
previous ca-certificates-java and convert them to JKS. (Closes: #898678)
[ Matthias Klose ]
* debian/rules: Explicitly depend on openjdk-11-jre-headless, needed to
[ Emmanuel Bourg ]
* Use salsa.debian.org Vcs-* URLs
-- Tiago Stürmer Daitx <tiago.da...@ubuntu.com> Thu, 17 May 2018
** Changed in: ca-certificates-java (Ubuntu)
Status: Fix Committed => Fix Released
You received this bug notification because you are a member of OpenJDK,
which is subscribed to ca-certificates-java in Ubuntu.
ca-certificates-java: convert PKCS12 cacerts keystore to JKS
Status in ca-certificates-java package in Ubuntu:
Status in ca-certificates-java source package in Bionic:
Status in ca-certificates-java package in Debian:
The fix for Debian #894979 and Ubuntu bug #1739631 which updated
ca-certificates-java to generate
JKS keystores by default - instead OpenJDK's 9+ default of PKCS12 - only
fixes new installs.
Any user already affected by that issue won't benefit from the fix, as the
file /etc/ssl/certs/java/cacerts is at most updated by the jks-keystore hook.
The only way to actually change it from the PKCS12 to the JKS format is to
remove the cacerts file and then calling
'update-ca-certificates -f' - which is also accomplished by removing and then
reinstalling the ca-certificates-java package.
To manage notifications about this bug go to:
Mailing list: https://launchpad.net/~openjdk
Post to : firstname.lastname@example.org
Unsubscribe : https://launchpad.net/~openjdk
More help : https://help.launchpad.net/ListHelp