Keystore is not generated during package installation
Bug #244410 reported by
Anders Kaseorg
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| ca-certificates-java (Debian) |
Fix Released
|
Unknown
|
|||
| ca-certificates-java (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
| Intrepid |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: ca-certificates
Currently, the postinst script removes the CAs in the pregenerated keystore that are not marked as trusted by the user. However, it does not add any CAs not yet in the keystore that are marked as trusted. So a user of a local CA that subsequently installs openjdk and ca-certificates
| Changed in ca-certificates-java: | |
| status: | Unknown → New |
Revision history for this message
| Matthias Klose (doko) wrote | #1 |
Revision history for this message
| Anders Kaseorg (andersk) wrote | #2 |
| Changed in ca-certificates-java: | |
| status: | New → In Progress |
Revision history for this message
| Matthias Klose (doko) wrote | #3 |
| Changed in ca-certificates-java: | |
| status: | In Progress → Fix Released |
| Changed in ca-certificates-java: | |
| status: | New → Fix Released |
To post a comment you must log in.
> However, it does not add any CAs not yet in the keystore that are marked as trusted.
How are these recognized? Shouldn't these be mentioned in /etc/ca-