Public bug reported: 1. Steps to reproduce: Depending on which packages you select for installation, it is possible the postinstall and trigger for ca-certificates-java run before Java has been installed. This may be possible to trigger with more combinations, but I've found $ sudo apt install maven openjdk-8-jdk where the issue is reproducible. Running this on an out-of-the-box system, for instance a VM will trigger the issue.
See installation.txt for the full output of running this command, but the important section is this one: Setting up ca-certificates-java (20140324) ... /var/lib/dpkg/info/ca-certificates-java.postinst: line 53: java: command not found /var/lib/dpkg/info/ca-certificates-java.postinst: line 66: java: command not found done. (...) Processing triggers for ca-certificates (20141019) ... Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d.... /etc/ca-certificates/update.d/jks-keystore: 82: /etc/ca-certificates/update.d/jks-keystore: java: not found E: /etc/ca-certificates/update.d/jks-keystore exited with code 1. done. Setting up openjdk-8-jre-headless:amd64 (8u40~b09-1) ... update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/rmid to provide /usr/bin/rmid (rmid) in auto mode update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java to provide /usr/bin/java (java) in auto mode 2. Expected behaviour: Packages are installed in the correct order so that they can assume their dependencies are present when for instance attempting to run postinstall. (So I don't really know whether this issue is truly caused by ca-certificates-java or by the priority/order of packages assigned by apt or something else.) 3. Actual behaviour: As we see both the postinstall and trigger is attempted run before java has been installed, which results in /etc/ssl/certs/java being an empty directory. Effectively this means Java doesn't know any certificates so for instance creating a connection to an HTTPS-url will fail. 4. Attempted workaround: As a workaround, I figured I could reinstall ca-certificates-java and maybe that would work. $ sudo apt install ca-certificates --reinstall (...) Processing triggers for ca-certificates (20141019) ... Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d.... done. While this gives me the cacerts file at /etc/ssl/certs/java/cacerts we can see that it contains no certificates: $ keytool -list -keystore /etc/ssl/certs/java/cacerts Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 0 entries (The default keystore password is of course "changeit") ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: ca-certificates-java 20140324 ProcVersionSignature: Ubuntu 3.16.0-28.38-generic 3.16.7-ckt1 Uname: Linux 3.16.0-28-generic x86_64 ApportVersion: 2.15.1-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Tue Dec 30 10:18:52 2014 InstallationDate: Installed on 2014-12-19 (10 days ago) InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Alpha amd64 (20141211) PackageArchitecture: all SourcePackage: ca-certificates-java UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.default.cacerts: [inaccessible: [Errno 13] Permission denied: '/etc/default/cacerts'] ** Affects: ca-certificates-java (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug vivid ** Attachment added: "installation.txt" https://bugs.launchpad.net/bugs/1406483/+attachment/4289803/+files/installation.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406483 Title: Possible to install (and trigger postinstall) of ca-certificates-java before Java has been installed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1406483/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs