Bug#779974: josm: invalid certificate
Sebastiaan Couwenberg
sebastic at xs4all.nl
Wed Apr 22 16:58:06 UTC 2015
On 04/22/2015 11:29 AM, Salvo Tomaselli wrote:
> In data martedì 21 aprile 2015 19:51:15, Sebastiaan Couwenberg ha scritto:
>> On 04/21/2015 09:22 AM, Salvo Tomaselli wrote:
>>>> aptitude update && aptitude reinstall ca-certificates
>>>
>>> Tried this one, still same result in josm.
>>
>> Still only 11 certs in the Java cacerts keystore, this should be over 100.
>
>> crappy webmail I was using.
>>
>> Do you have the Equifax_Secure_CA.crt installed?
>
> $ ls -l /etc/ssl/certs/Equifax_Secure_CA.pem /usr/share/ca-
> certificates/mozilla/Equifax_Secure_CA.crt
So you have the CA cert, just not in the Java truststore. The
update-ca-certificates hook should take care of this, but for some
mysterious reason it doesn't import all certificates as it should.
Can you check if the certificate is enabled in the configuration file?
grep Equifax_Secure_CA /etc/ca-certificates.conf
Assuming it's enabled but still not picked up by the
update-ca-certificates hook, you can manually import the certificate:
sudo keytool -v -importcert -trustcacerts -alias equifax_secure_ca \
-file /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt \
-keystore /etc/ssl/certs/java/cacerts -storepass changeit
This manually import shouldn't be required, but I have no clue why your
cacerts keystore is not populated by the tools as expected.
Kind Regards,
Bas
--
GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
More information about the Pkg-grass-devel
mailing list