Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: ca-certificates-java (Ubuntu) Status: New => Confirmed
-- You received this bug notification because you are a member of OpenJDK, which is subscribed to ca-certificates-java in Ubuntu. https://bugs.launchpad.net/bugs/2019908 Title: openjdk-17-jre-headless:arm64 Package ca-certificates-java is not configured yet Status in ca-certificates-java package in Ubuntu: Confirmed Bug description: [Impact] Due to OpenJDK changes it is impossible to install JRE 17 in supported releases below Lunar (Kinetic, Jammy, Focal, Bionic) on arm64 platform due to the configuration order (see comment) A system with a pre-installed default JRE (e.g. JRE 11 in Jammy) is not affected. [Suggested Fix] Backport - https://code.launchpad.net/~vpa1977/ubuntu/+source/ca-certificates-java/+git/ca-certificates-java/+merge/438150 This merge proposal: - removes dependency on JRE - fixes command line for keytool call - add autopkgtests [Test Plan] - autopkgtests must pass for all platforms [Where problems could occur] A java version which does not contain a call to ca-certificates-java trigger will not update/refresh certificates. Those are 13(focal), 16 (focal) 18 (jammy and up), 19 (jammy and up). They are no longer supported and this behaviour can be ignored. [Original report] From May-16 below is failing: RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get install --yes --no-install-recommends \ openjdk-17-jre-headless #7 111.8 head: cannot open '/etc/ssl/certs/java/cacerts' for reading: No such file or directory #7 111.9 Exception in thread "main" java.lang.InternalError: Error loading java.security file #7 111.9 at java.base/java.security.Security.initialize(Security.java:106) #7 111.9 at java.base/java.security.Security$1.run(Security.java:84) #7 111.9 at java.base/java.security.Security$1.run(Security.java:82) #7 111.9 at java.base/java.security.AccessController.doPrivileged(AccessController.java:318) #7 111.9 at java.base/java.security.Security.<clinit>(Security.java:82) #7 111.9 at java.base/sun.security.jca.ProviderList.<init>(ProviderList.java:178) #7 111.9 at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:96) #7 111.9 at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:94) #7 111.9 at java.base/java.security.AccessController.doPrivileged(AccessController.java:318) #7 111.9 at java.base/sun.security.jca.ProviderList.fromSecurityProperties(ProviderList.java:93) #7 111.9 at java.base/sun.security.jca.Providers.<clinit>(Providers.java:55) #7 111.9 at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:156) #7 111.9 at java.base/java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:193) #7 111.9 at org.debian.security.KeyStoreHandler.<init>(KeyStoreHandler.java:50) #7 111.9 at org.debian.security.UpdateCertificates.<init>(UpdateCertificates.java:65) #7 111.9 at org.debian.security.UpdateCertificates.main(UpdateCertificates.java:51) #7 111.9 dpkg: error processing package ca-certificates-java (--configure): #7 111.9 installed ca-certificates-java package post-installation script subprocess returned error exit status 1 #7 111.9 dpkg: dependency problems prevent configuration of openjdk-17-jre-headless:arm64: #7 111.9 openjdk-17-jre-headless:arm64 depends on ca-certificates-java (>= 20190405~); however: #7 111.9 Package ca-certificates-java is not configured yet. #7 111.9 #7 111.9 dpkg: error processing package openjdk-17-jre-headless:arm64 (--configure): #7 111.9 dependency problems - leaving unconfigured #7 111.9 Processing triggers for libc-bin (2.35-0ubuntu3.1) ... #7 111.9 Processing triggers for ca-certificates (20211016ubuntu0.22.04.1) ... #7 111.9 Updating certificates in /etc/ssl/certs... #7 112.2 0 added, 0 removed; done. #7 112.2 Running hooks in /etc/ca-certificates/update.d... #7 112.2 #7 112.2 Exception in thread "main" java.lang.InternalError: Error loading java.security file #7 112.2 at java.base/java.security.Security.initialize(Security.java:106) #7 112.2 at java.base/java.security.Security$1.run(Security.java:84) #7 112.2 at java.base/java.security.Security$1.run(Security.java:82) #7 112.2 at java.base/java.security.AccessController.doPrivileged(AccessController.java:318) #7 112.2 at java.base/java.security.Security.<clinit>(Security.java:82) #7 112.2 at java.base/sun.security.jca.ProviderList.<init>(ProviderList.java:178) #7 112.2 at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:96) #7 112.2 at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:94) #7 112.2 at java.base/java.security.AccessController.doPrivileged(AccessController.java:318) #7 112.2 at java.base/sun.security.jca.ProviderList.fromSecurityProperties(ProviderList.java:93) #7 112.2 at java.base/sun.security.jca.Providers.<clinit>(Providers.java:55) #7 112.2 at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:156) #7 112.2 at java.base/java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:193) #7 112.2 at org.debian.security.KeyStoreHandler.<init>(KeyStoreHandler.java:50) #7 112.2 at org.debian.security.UpdateCertificates.<init>(UpdateCertificates.java:65) #7 112.2 at org.debian.security.UpdateCertificates.main(UpdateCertificates.java:51) #7 112.2 E: /etc/ca-certificates/update.d/jks-keystore exited with code 1. #7 112.2 done. #7 112.3 Errors were encountered while processing: #7 112.3 ca-certificates-java #7 112.3 openjdk-17-jre-headless:arm64 #7 112.3 E: Sub-process /usr/bin/dpkg returned an error code (1) ======================== looks like packages are updated on May-16 http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-17/ and its causing issues To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/2019908/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~openjdk Post to : openjdk@lists.launchpad.net Unsubscribe : https://launchpad.net/~openjdk More help : https://help.launchpad.net/ListHelp