Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is the cacerts file missing in ubuntu 15.10 and openjdk-8-jdk?

Tags:

I just installed Ubuntu 15.10 and their openjdk-8-jdk (by apt-get).

Now I am missing the cacerts file.

There is a link at the usual location:

ls -l /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts
lrwxrwxrwx 1 root root 27 Oct 22 01:47 /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts -> /etc/ssl/certs/java/cacerts

but nothing at /etc/ssl/certs/java/cacerts:

stat /etc/ssl/certs/java/cacerts
stat: cannot stat ‘/etc/ssl/certs/java/cacerts’: No such file or directory
like image 542
Gustave Avatar asked Oct 30 '15 15:10

Gustave


People also ask

Where is my cacerts file?

A certificates file named cacerts resides in the security properties directory, java. home \lib\security, where java. home is the runtime environment directory (the jre directory in the SDK or the top-level directory of the Java™ 2 Runtime Environment).

What are cacerts in JDK?

The cacerts file is a collection of trusted certificate authority (CA) certificates. Oracle includes a cacerts file with its SSL support in the Java™ Secure Socket Extension (JSSE) tool kit and JDK. It contains certificate references for well-known Certificate authorities, such as VeriSign™.

How do I list all certificates in the JDK cacerts file?

You can inspect (list) certificates in your cacert keystroke using the java keytool. keytool has to be in your path, or can be found in the bin directory of your Java Installation (e.g. C:/Program Files (x86)/Java/jre1. 8/bin/keytool.exe ).


2 Answers

This is due to a bug already reported here: Ubuntu bug ticket

The ticket above links another similar issue, which provides a workaround:

$ sudo dpkg --purge --force-depends ca-certificates-java
$ sudo apt-get install ca-certificates-java
like image 144
Gergely Bacso Avatar answered Sep 21 '22 11:09

Gergely Bacso


Just to add an error here that Gergely answer solved, if you trying to call external apis with ssl and got this error:

java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1903)

This solved

$ sudo dpkg --purge --force-depends ca-certificates-java
$ sudo apt-get install ca-certificates-java 
like image 25
Paulo Victor Avatar answered Sep 21 '22 11:09

Paulo Victor