openjdk team mailing list archive

Thread
Date
[Bug 2019908] Re: openjdk-17-jre-headless:arm64 Package ca-certificates-java is not configured yet

To: openjdk@xxxxxxxxxxxxxxxxxxx
From: Vladimir Petko <2019908@xxxxxxxxxxxxxxxxxx>
Date: Wed, 17 May 2023 02:34:51 -0000
Reply-to: Bug 2019908 <2019908@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
Note: amd64 installs fine:

 sudo  DEBIAN_FRONTEND=noninteractive apt-get install --yes --no-install-recommends \
    openjdk-17-jre-headless
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libflashrom1 libftdi1-2 libmozjs-91-0 linux-headers-5.19.0-32-generic
  linux-hwe-5.19-headers-5.19.0-32 linux-image-5.19.0-32-generic
  linux-modules-5.19.0-32-generic linux-modules-extra-5.19.0-32-generic
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
  ca-certificates-java
Suggested packages:
  fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho
  fonts-wqy-microhei | fonts-wqy-zenhei
The following NEW packages will be installed:
  ca-certificates-java openjdk-17-jre-headless
0 upgraded, 2 newly installed, 0 to remove and 1 not upgraded.
Need to get 48.3 MB of archives.
After this operation, 193 MB of additional disk space will be used.
Get:1 http://nz.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 openjdk-17-jre-headless amd64 17.0.7+7~us1-0ubuntu1~22.04.2 [48.3 MB]
Get:2 http://nz.archive.ubuntu.com/ubuntu jammy-updates/main amd64 ca-certificates-java all 20190909ubuntu1.1 [12.0 kB]
Fetched 48.3 MB in 1s (32.7 MB/s)                
Selecting previously unselected package openjdk-17-jre-headless:amd64.
(Reading database ... 244863 files and directories currently installed.)
Preparing to unpack .../openjdk-17-jre-headless_17.0.7+7~us1-0ubuntu1~22.04.2_amd64.deb ...
Unpacking openjdk-17-jre-headless:amd64 (17.0.7+7~us1-0ubuntu1~22.04.2) ...
Selecting previously unselected package ca-certificates-java.
Preparing to unpack .../ca-certificates-java_20190909ubuntu1.1_all.deb ...
Unpacking ca-certificates-java (20190909ubuntu1.1) ...
Setting up openjdk-17-jre-headless:amd64 (17.0.7+7~us1-0ubuntu1~22.04.2) ...
update-alternatives: using /usr/lib/jvm/java-17-openjdk-amd64/bin/java to provide /usr/bin/java (java) in auto mode
update-alternatives: using /usr/lib/jvm/java-17-openjdk-amd64/bin/jpackage to provide /usr/bin/jpackage (jpackage) in auto mode
update-alternatives: using /usr/lib/jvm/java-17-openjdk-amd64/bin/keytool to provide /usr/bin/keytool (keytool) in auto mode
update-alternatives: using /usr/lib/jvm/java-17-openjdk-amd64/bin/rmiregistry to provide /usr/bin/rmiregistry (rmiregistry) in auto mode
update-alternatives: using /usr/lib/jvm/java-17-openjdk-amd64/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode
Setting up ca-certificates-java (20190909ubuntu1.1) ...
head: cannot open '/etc/ssl/certs/java/cacerts' for reading: No such file or directory
Adding debian:Starfield_Services_Root_Certificate_Authority_-_G2.pem
Adding debian:Comodo_AAA_Services_root.pem
Adding debian:DigiCert_Global_Root_G2.pem
Adding debian:Entrust_Root_Certification_Authority_-_G4.pem
Adding debian:Trustwave_Global_Certification_Authority.pem
Adding debian:emSign_ECC_Root_CA_-_C3.pem
Adding debian:Trustwave_Global_ECC_P256_Certification_Authority.pem
Adding debian:Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
Adding debian:Entrust.net_Premium_2048_Secure_Server_CA.pem
Adding debian:ssl-cert-snakeoil.pem
Adding debian:GTS_Root_R1.pem
Adding debian:GDCA_TrustAUTH_R5_ROOT.pem
Adding debian:GTS_Root_R2.pem
Adding debian:QuoVadis_Root_CA_2_G3.pem
Adding debian:CA_Disig_Root_R2.pem
Adding debian:DigiCert_Global_Root_G3.pem
Adding debian:SSL.com_Root_Certification_Authority_RSA.pem
Adding debian:QuoVadis_Root_CA_3_G3.pem
Adding debian:Hongkong_Post_Root_CA_1.pem
Adding debian:GlobalSign_Root_E46.pem
Adding debian:Amazon_Root_CA_2.pem
Adding debian:T-TeleSec_GlobalRoot_Class_3.pem
Adding debian:AffirmTrust_Premium.pem
Adding debian:Secure_Global_CA.pem
Adding debian:T-TeleSec_GlobalRoot_Class_2.pem
Adding debian:COMODO_RSA_Certification_Authority.pem
Adding debian:Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
Adding debian:DigiCert_Global_Root_CA.pem
Adding debian:ISRG_Root_X1.pem
Adding debian:Certigna.pem
Adding debian:Security_Communication_Root_CA.pem
Adding debian:NAVER_Global_Root_Certification_Authority.pem
Adding debian:Actalis_Authentication_Root_CA.pem
Adding debian:USERTrust_RSA_Certification_Authority.pem
Adding debian:SZAFIR_ROOT_CA2.pem
Adding debian:IdenTrust_Commercial_Root_CA_1.pem
Adding debian:SecureTrust_CA.pem
Adding debian:Certum_EC-384_CA.pem
Adding debian:AC_RAIZ_FNMT-RCM.pem
Adding debian:DigiCert_Trusted_Root_G4.pem
Adding debian:DigiCert_Assured_ID_Root_G3.pem
Adding debian:e-Szigno_Root_CA_2017.pem
Adding debian:Security_Communication_RootCA2.pem
Adding debian:Microsoft_RSA_Root_Certificate_Authority_2017.pem
Adding debian:IdenTrust_Public_Sector_Root_CA_1.pem
Adding debian:OISTE_WISeKey_Global_Root_GB_CA.pem
Adding debian:Microsec_e-Szigno_Root_CA_2009.pem
Adding debian:GlobalSign_Root_CA.pem
Adding debian:emSign_Root_CA_-_C1.pem
Adding debian:DigiCert_High_Assurance_EV_Root_CA.pem
Adding debian:Staat_der_Nederlanden_EV_Root_CA.pem
Adding debian:ACCVRAIZ1.pem
Adding debian:GlobalSign_Root_R46.pem
Adding debian:AffirmTrust_Premium_ECC.pem
Adding debian:certSIGN_ROOT_CA.pem
Adding debian:Izenpe.com.pem
Adding debian:GlobalSign_Root_CA_-_R3.pem
Adding debian:TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
Adding debian:AffirmTrust_Commercial.pem
Adding debian:UCA_Global_G2_Root.pem
Adding debian:Network_Solutions_Certificate_Authority.pem
Adding debian:Entrust_Root_Certification_Authority.pem
Adding debian:EC-ACC.pem
Adding debian:QuoVadis_Root_CA_1_G3.pem
Adding debian:XRamp_Global_CA_Root.pem
Adding debian:Trustwave_Global_ECC_P384_Certification_Authority.pem
Adding debian:GlobalSign_ECC_Root_CA_-_R5.pem
Adding debian:UCA_Extended_Validation_Root.pem
Adding debian:Certum_Trusted_Network_CA_2.pem
Adding debian:Entrust_Root_Certification_Authority_-_EC1.pem
Adding debian:Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
Adding debian:SSL.com_Root_Certification_Authority_ECC.pem
Adding debian:SSL.com_EV_Root_Certification_Authority_ECC.pem
Adding debian:DigiCert_Assured_ID_Root_CA.pem
Adding debian:SecureSign_RootCA11.pem
Adding debian:GlobalSign_Root_CA_-_R6.pem
Adding debian:Atos_TrustedRoot_2011.pem
Adding debian:DigiCert_Assured_ID_Root_G2.pem
Adding debian:SSL.com_EV_Root_Certification_Authority_RSA_R2.pem
Adding debian:emSign_ECC_Root_CA_-_G3.pem
Adding debian:Hongkong_Post_Root_CA_3.pem
Adding debian:GlobalSign_Root_CA_-_R2.pem
Adding debian:GlobalSign_ECC_Root_CA_-_R4.pem
Adding debian:D-TRUST_Root_Class_3_CA_2_EV_2009.pem
Adding debian:TWCA_Root_Certification_Authority.pem
Adding debian:COMODO_ECC_Certification_Authority.pem
Adding debian:SwissSign_Gold_CA_-_G2.pem
Adding debian:ePKI_Root_Certification_Authority.pem
Adding debian:E-Tugra_Certification_Authority.pem
Adding debian:Amazon_Root_CA_1.pem
Adding debian:certSIGN_Root_CA_G2.pem
Adding debian:TWCA_Global_Root_CA.pem
Adding debian:Amazon_Root_CA_4.pem
Adding debian:OISTE_WISeKey_Global_Root_GC_CA.pem
Adding debian:Certum_Trusted_Network_CA.pem
Adding debian:Starfield_Root_Certificate_Authority_-_G2.pem
Adding debian:ANF_Secure_Server_Root_CA.pem
Adding debian:D-TRUST_Root_Class_3_CA_2_2009.pem
Adding debian:Go_Daddy_Root_Certificate_Authority_-_G2.pem
Adding debian:NetLock_Arany_=Class_Gold=_F\u0151tan\u00fas\u00edtv\u00e1ny.pem
Adding debian:Starfield_Class_2_CA.pem
Adding debian:USERTrust_ECC_Certification_Authority.pem
Adding debian:Entrust_Root_Certification_Authority_-_G2.pem
Adding debian:Cybertrust_Global_Root.pem
Adding debian:Buypass_Class_3_Root_CA.pem
Adding debian:Microsoft_ECC_Root_Certificate_Authority_2017.pem
Adding debian:Go_Daddy_Class_2_CA.pem
Adding debian:QuoVadis_Root_CA_2.pem
Adding debian:Certigna_Root_CA.pem
Adding debian:SwissSign_Silver_CA_-_G2.pem
Adding debian:QuoVadis_Root_CA_3.pem
Adding debian:Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
Adding debian:COMODO_Certification_Authority.pem
Adding debian:TeliaSonera_Root_CA_v1.pem
Adding debian:Amazon_Root_CA_3.pem
Adding debian:AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
Adding debian:emSign_Root_CA_-_G1.pem
Adding debian:Certum_Trusted_Root_CA.pem
Adding debian:GTS_Root_R3.pem
Adding debian:Buypass_Class_2_Root_CA.pem
Adding debian:GLOBALTRUST_2020.pem
Adding debian:AffirmTrust_Networking.pem
Adding debian:CFCA_EV_ROOT.pem
Adding debian:GTS_Root_R4.pem
Adding debian:Baltimore_CyberTrust_Root.pem
done.
Processing triggers for ca-certificates (20211016ubuntu0.22.04.1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...

done.
done.

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to ca-certificates-java in Ubuntu.
https://bugs.launchpad.net/bugs/2019908

Title:
  openjdk-17-jre-headless:arm64 Package ca-certificates-java is not
  configured yet

Status in ca-certificates-java package in Ubuntu:
  New

Bug description:
  From May-16 below is failing:
  RUN apt-get update &&  \
      DEBIAN_FRONTEND=noninteractive apt-get install --yes --no-install-recommends \
      openjdk-17-jre-headless 

  #7 111.8 head: cannot open '/etc/ssl/certs/java/cacerts' for reading: No such file or directory
  #7 111.9 Exception in thread "main" java.lang.InternalError: Error loading java.security file
  #7 111.9 	at java.base/java.security.Security.initialize(Security.java:106)
  #7 111.9 	at java.base/java.security.Security$1.run(Security.java:84)
  #7 111.9 	at java.base/java.security.Security$1.run(Security.java:82)
  #7 111.9 	at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
  #7 111.9 	at java.base/java.security.Security.<clinit>(Security.java:82)
  #7 111.9 	at java.base/sun.security.jca.ProviderList.<init>(ProviderList.java:178)
  #7 111.9 	at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:96)
  #7 111.9 	at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:94)
  #7 111.9 	at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
  #7 111.9 	at java.base/sun.security.jca.ProviderList.fromSecurityProperties(ProviderList.java:93)
  #7 111.9 	at java.base/sun.security.jca.Providers.<clinit>(Providers.java:55)
  #7 111.9 	at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:156)
  #7 111.9 	at java.base/java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:193)
  #7 111.9 	at org.debian.security.KeyStoreHandler.<init>(KeyStoreHandler.java:50)
  #7 111.9 	at org.debian.security.UpdateCertificates.<init>(UpdateCertificates.java:65)
  #7 111.9 	at org.debian.security.UpdateCertificates.main(UpdateCertificates.java:51)
  #7 111.9 dpkg: error processing package ca-certificates-java (--configure):
  #7 111.9  installed ca-certificates-java package post-installation script subprocess returned error exit status 1
  #7 111.9 dpkg: dependency problems prevent configuration of openjdk-17-jre-headless:arm64:
  #7 111.9  openjdk-17-jre-headless:arm64 depends on ca-certificates-java (>= 20190405~); however:
  #7 111.9   Package ca-certificates-java is not configured yet.
  #7 111.9 
  #7 111.9 dpkg: error processing package openjdk-17-jre-headless:arm64 (--configure):
  #7 111.9  dependency problems - leaving unconfigured
  #7 111.9 Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
  #7 111.9 Processing triggers for ca-certificates (20211016ubuntu0.22.04.1) ...
  #7 111.9 Updating certificates in /etc/ssl/certs...
  #7 112.2 0 added, 0 removed; done.
  #7 112.2 Running hooks in /etc/ca-certificates/update.d...
  #7 112.2 
  #7 112.2 Exception in thread "main" java.lang.InternalError: Error loading java.security file
  #7 112.2 	at java.base/java.security.Security.initialize(Security.java:106)
  #7 112.2 	at java.base/java.security.Security$1.run(Security.java:84)
  #7 112.2 	at java.base/java.security.Security$1.run(Security.java:82)
  #7 112.2 	at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
  #7 112.2 	at java.base/java.security.Security.<clinit>(Security.java:82)
  #7 112.2 	at java.base/sun.security.jca.ProviderList.<init>(ProviderList.java:178)
  #7 112.2 	at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:96)
  #7 112.2 	at java.base/sun.security.jca.ProviderList$2.run(ProviderList.java:94)
  #7 112.2 	at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
  #7 112.2 	at java.base/sun.security.jca.ProviderList.fromSecurityProperties(ProviderList.java:93)
  #7 112.2 	at java.base/sun.security.jca.Providers.<clinit>(Providers.java:55)
  #7 112.2 	at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:156)
  #7 112.2 	at java.base/java.security.cert.CertificateFactory.getInstance(CertificateFactory.java:193)
  #7 112.2 	at org.debian.security.KeyStoreHandler.<init>(KeyStoreHandler.java:50)
  #7 112.2 	at org.debian.security.UpdateCertificates.<init>(UpdateCertificates.java:65)
  #7 112.2 	at org.debian.security.UpdateCertificates.main(UpdateCertificates.java:51)
  #7 112.2 E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
  #7 112.2 done.
  #7 112.3 Errors were encountered while processing:
  #7 112.3  ca-certificates-java
  #7 112.3  openjdk-17-jre-headless:arm64
  #7 112.3 E: Sub-process /usr/bin/dpkg returned an error code (1)


  ========================

  looks like packages are updated on May-16 http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-17/
  and its causing issues

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/2019908/+subscriptions
References

[Bug 2019908] [NEW] openjdk-17-jre-headless:arm64 Package ca-certificates-java is not configured yet
From: Eswar, 2023-05-17