tags 823590 - important + wishlist found 823590 20190405 thanks Hi there,
On Fri, 04 May 2018 22:58:16 +0200, Emmanuel Bourg wrote: > Why are you changing the password of a keystore holding the public keys > of the certification authorities? There is nothing secret inside. Not speaking for Guillaume, but the Debian package explicitly supports this configuration, for more than 10 years now: ``` root@harlock:~# zless /usr/share/doc/ca-certificates-java/changelog.gz [...] ca-certificates-java (20081022) unstable; urgency=low * debian/jks-keystore.hook: - Don't stop after first error during the update. LP: #244412. Closes: #489748. - Call keytool with -noprompt. * On initial install, add locally added certificates. LP: #244410. Closes: #489748. * Install /etc/default/cacerts to set options: - storepass, holding the password for the keystore. - updates, to enable/disable updates of the keystore. * Only use the keytool command from OpenJDK or Sun Java. Closes: #496587. -- Matthias Klose <d...@ubuntu.com> Wed, 22 Oct 2008 20:51:24 +0200 [...] root@harlock:~# ls -ld /etc/default/cacerts -rw------- 1 root root 384 Apr 2 14:03 /etc/default/cacerts root@harlock:~# cat /etc/default/cacerts # defaults for ca-certificates-java # The password which is used to protect the integrity of the keystore. # storepass must be at least 6 characters long. It must be provided to # all commands that access the keystore contents. # Only change this if adding private certificates. #storepass='' # enable/disable updates of the keystore /etc/ssl/certs/java/cacerts cacerts_updates=yes root@harlock:~# ``` Never mind, what Guillaume experienced is the expected behavior, the fact that Guillaume would have liked a prompt for the password is a wishlist feature, bug updated accordingly. BTW, this is still true on buster as well, bug updated accordingly), thanks to Pierre Deshayes here at unige.ch for the notice. Thx, bye, Luca -- Dr. Luca Capello Ingénieur HPC Division du Système et des Technologies de l'Information et de la Communication Université de Genève | 24 rue Général-Dufour Tél +41 22 379 72 42 | Bureau 151 https://hpc-community.unige.ch mailto:luca.cape...@unige.ch
signature.asc
Description: PGP signature