Source: openjdk-11 Severity: normal hi folks,
I was using the brand new openjdk-11 packages in stretch-backports. thanks for providing these! they generally seem to work for me, but I found that I cannot make TS connections. some googling revealed that the default format for the cacert files jdk reads changed from jks to pkcs12 or so. there seem to be plenty of reports aboutthis problem e.g. [0]. I managed to work around it by doing this: + echo "javax.net.ssl.trustStorePassword=changeit" \ + >> /etc/java-11-openjdk/management/management.properties && \ + /usr/bin/printf '\xfe\xed\xfe\xed\x00\x00\x00\x02\x00\x00\x00\x00\xe2\x68\x6e\x45\xfb\x43\xdf\xa4\xd9\x92\xdd\x41\xce\xb6\xb2\x1c\x63\x30\xd7\x92' > /etc/ssl/certs/java/cacerts && \ + /var/lib/dpkg/info/ca-certificates-java.postinst configure but I guess a better solution is needed regards robert -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-2-amd64 (SMP w/8 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15), LANGUAGE=en_GB:en (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
