Bug#1015771: ca-certificates-java: Illegal option: -cacerts on package upgrade

Sven-Haegar Koch haegar at sdinet.de
Thu Jul 21 00:04:53 BST 2022 

Package: ca-certificates-java
Version: 20220719
Severity: normal

Dear Maintainer,

While upgrading outputs some error messages from keytool:

Setting up ca-certificates-java (20220719) ...
Installing new version of config file /etc/ca-certificates/update.d/jks-keystore ...
Illegal option:  -cacerts
Key and Certificate Management Tool

Commands:

 -certreq            Generates a certificate request
 -changealias        Changes an entry's alias
 -delete             Deletes an entry
 -exportcert         Exports certificate
 -genkeypair         Generates a key pair
 -genseckey          Generates a secret key
 -gencert            Generates certificate from a certificate request
 -importcert         Imports a certificate or a certificate chain
 -importpass         Imports a password
 -importkeystore     Imports one or all entries from another keystore
 -keypasswd          Changes the key password of an entry
 -list               Lists entries in a keystore
 -printcert          Prints the content of a certificate
 -printcertreq       Prints the content of a certificate request
 -printcrl           Prints the content of a CRL file
 -storepasswd        Changes the store password of a keystore

Use "keytool -command_name -help" for usage of command_name
Replacing debian:ACCVRAIZ1.pem
Adding debian:AC_RAIZ_FNMT-RCM.pem
Adding debian:AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
Replacing debian:Actalis_Authentication_Root_CA.pem
...
Replacing debian:USERTrust_RSA_Certification_Authority.pem
Replacing debian:XRamp_Global_CA_Root.pem
done.

As I don't really use java outside of some dependencies I can't say
if this error has any effect.

Greetings,
Sven


-- System Information:
Debian Release: bookworm/sid
  APT prefers oldoldstable
  APT policy: (500, 'oldoldstable'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.18.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ca-certificates-java depends on:
ii  ca-certificates  20211016

Versions of packages ca-certificates-java recommends:
ii  default-jre-headless [java8-runtime-headless]     2:1.11-72
ii  openjdk-11-jre-headless [java8-runtime-headless]  11.0.16+8-1
ii  openjdk-8-jre-headless [java8-runtime-headless]   8u342~b06-1
ii  oracle-java8-jre [java8-runtime-headless]         8u201-0+deb11

ca-certificates-java suggests no packages.

-- Configuration Files:
/etc/default/cacerts [Errno 13] Permission denied: '/etc/default/cacerts'

-- debconf-show failed

More information about the pkg-java-maintainers mailing list