Path: csiph.com!goblin3!goblin2!goblin.stu.neva.ru!aioe.org!bofh.it!news.nic.it!robomod
From: Sebastiaan Couwenberg <sebastic@xs4all.nl>
Newsgroups: linux.debian.maint.java,linux.debian.bugs.dist
Subject: Bug#779974: josm: invalid certificate (incomplete  /etc/ssl/certs/java/cacert)
Date: Wed, 26 Aug 2015 12:50:02 +0200
Message-ID: <q1Grg-3jH-7@gated-at.bofh.it>
References: <p1jwR-3JW-7@gated-at.bofh.it> <phZip-4cv-19@gated-at.bofh.it> <pi6jU-69S-21@gated-at.bofh.it> <pilLX-3Ds-5@gated-at.bofh.it> <q1Grg-3jH-9@gated-at.bofh.it>
X-Original-To: Salvo Tomaselli <tiposchi@tiscali.it>, debian-java@lists.debian.org
X-Mailbox-Line: From debian-java-request@lists.debian.org  Wed Aug 26 10:43:12 2015
Old-Return-Path: <sebastic@xs4all.nl>
X-Amavis-Spam-Status: No, score=-7.678 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, LDO_WHITELIST=-5, RCVD_IN_BRBL_LASTEXT=1.449, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.427] autolearn=ham autolearn_force=no
X-Policyd-Weight: using cached result; rate: -7
Reply-To: Sebastiaan Couwenberg <sebastic@xs4all.nl>, 779974@bugs.debian.org
X-Enigmail-Draft-Status: N1110
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.0.1
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
X-Mailing-List: <debian-java@lists.debian.org> archive/latest/18597
List-ID: <debian-java.lists.debian.org>
List-URL: <https://lists.debian.org/debian-java/>
List-Archive: https://lists.debian.org/msgid-search/55DD9824.8050808@xs4all.nl
Approved: robomod@news.nic.it
Lines: 23
Organization: linux.* mail to news gateway
Sender: robomod@news.nic.it
X-Original-Cc: 779974@bugs.debian.org
X-Original-Date: Wed, 26 Aug 2015 12:42:44 +0200
X-Original-Message-ID: <55DD9824.8050808@xs4all.nl>
X-Original-References: <20150307094541.15301.59729.reportbug@localhost> <3612906.0GkQqr9yNo@hal9000> <5537D31E.7020609@xs4all.nl> <3343429.j8KQaJcb5M@hal9000> <5539332C.80001@xs4all.nl>
Xref: csiph.com linux.debian.maint.java:8285 linux.debian.bugs.dist:674950

Hi Salvo & Java Team,

As reported in the #779974 josm is not working for Salvo because the
tile.openstreetmap.org SSL certificates are not trusted. This is caused
by the /etc/ssl/certs/java/cacert list being incomplete, it doesn't
include the entries other systems with ca-certificates-java have.

So far I've been unable to get Salvo to regenerate
/etc/ssl/certs/java/cacert properly, as should be automatic by the
jks-keystore ca-certificates update hook.

Do you have any advise what we could try to get his Java cacerts fixed?

We've already tried to import the certificates in the CA chain manually,
although that shouldn't be required.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1