The attached patch fixes this behavior by: 1) Detecting if a PKCS12 cacert exists 2) Converting it to JKS and saving it to cacerts.dpkg-new
Finally, if, and only if, 'cacerts_updates' is set to 'yes': 3) Moving the old PKCS12 cacerts to a cacerts.dpkg-old and the dpkg-new into /etc/ssl/certs/java/cacerts. Additionally, this the proposed debdiff also takes care of only setting JAVA_HOME if a jvm is found. Previously if none of the the jvms in the list were found the last one jvm was used - although that didn't cause any unexpected errors, it was wrong. ** Patch added: "ca-certificates-java_20180413ubuntu1_debdiff_20180413ubuntu2.patch" https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1771363/+attachment/5139841/+files/ca-certificates-java_20180413ubuntu1_debdiff_20180413ubuntu2.patch ** Tags added: bionic cosmic patch ** Bug watch added: Debian Bug tracker #898678 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898678 ** Also affects: ca-certificates-java (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898678 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1771363 Title: ca-certificates-java: convert PKCS12 cacerts keystore to JKS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1771363/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
