16 Nov
2014
16 Nov
'14
3:13 p.m.
On Sun, Nov 16, 2014 at 3:54 PM, Guillaume Alaux <guillaume@alaux.net> wrote:
So the "ca-certificates-utils" from testing (20140923-5) declares a "provides" and "conflict" on "ca-certificates-java". Unfortunately jre and jdk packages use a "init-jks-keystore" script provided by "ca-certificates-java" but not "ca-certificates-utils". This scripts only computes file /etc/ssl/certs/java/cacerts which is actually also computed by "update-ca-trust".
So I could just make jre and jdk packages depend on ca-certificates-utils and then "ca-certificates-java" could be dropped: is that the whole plan?
Yes. Since p11-kit can construct the Java cert store and update-ca-trust always does so, ca-certificates-java becomes obsolete.