From owner-freebsd-java@FreeBSD.ORG  Sat Feb 19 14:03:36 2005
Return-Path: <owner-freebsd-java@FreeBSD.ORG>
Delivered-To: freebsd-java@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5D9E616A4CE
	for <java@freebsd.org>; Sat, 19 Feb 2005 14:03:36 +0000 (GMT)
Received: from mailout05.sul.t-online.com (mailout05.sul.t-online.com
	[194.25.134.82])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D078343D46
	for <java@freebsd.org>; Sat, 19 Feb 2005 14:03:35 +0000 (GMT)
	(envelope-from mike@reifenberger.com)
Received: from fwd09.aul.t-online.de 
	by mailout05.sul.t-online.com with smtp 
	id 1D2VCn-0005lq-00; Sat, 19 Feb 2005 15:03:33 +0100
Received: from fw.reifenberger.com
	(GEdM1GZ-weHO43Fv-vpw7AV3X6uCPKyfGST3w8s2fJ5W+YdBL1t-k7@[62.158.172.51]) by
	fmrl09.sul.t-online.com
	with esmtp id 1D2VCO-0dQrpo0; Sat, 19 Feb 2005 15:03:08 +0100
Received: from localhost (mike@localhost)j1JE374h063910;
	Sat, 19 Feb 2005 15:03:07 +0100 (CET)
	(envelope-from mike@reifenberger.com)
X-Authentication-Warning: fw.reifenberger.com: mike owned process doing -bs
Date: Sat, 19 Feb 2005 15:03:07 +0100 (CET)
From: Michael Reifenberger <mike@Reifenberger.com>
To: Alexey Zelkin <phantom@FreeBSD.org.ua>
In-Reply-To: <20050219132212.GA21028@phantom.cris.net>
Message-ID: <20050219145725.N63696@fw.reifenberger.com>
References: <20050219123658.F63417@fw.reifenberger.com>
	<20050219140045.G63696@fw.reifenberger.com>
	<20050219132212.GA21028@phantom.cris.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-ID: GEdM1GZ-weHO43Fv-vpw7AV3X6uCPKyfGST3w8s2fJ5W+YdBL1t-k7@t-dialin.net
X-TOI-MSGID: ca6436a6-7372-458f-b9d5-249a336d3ac8
cc: java@freebsd.org
Subject: Re: Adding cacerts to jdk15
X-BeenThere: freebsd-java@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Porting Java to FreeBSD <freebsd-java.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-java>,
	<mailto:freebsd-java-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-java>
List-Post: <mailto:freebsd-java@freebsd.org>
List-Help: <mailto:freebsd-java-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-java>,
	<mailto:freebsd-java-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Feb 2005 14:03:36 -0000

On Sat, 19 Feb 2005, Alexey Zelkin wrote:
...
>>
>> Because without cacerts no SSL connection works.
>> Its the same reason cacerts got added to java/jdk14
>
> We are not adding cacerts for jdk1[34], but *replacing* it (because
> of security problems).  JDK 1.5.0 was released *after* this problem
> was found and fixed, so jdk15 is distributing with valid cacerts
> file and there's no reason to do any manual interventions.
>

Hmm. On my amd64 System the installed cacerts file was empty.
That caused me a non working SSL...

Lets see:
totum# cd /usr/ports/java/jdk15
totum# make extract
...
totum# find work -name cacerts|xargs ls -l
-r--r--r--  1 root  wheel  7910 19 Okt 21:04 work/deploy/src/javaws/share/config/cacerts
-r--r--r--  1 root  wheel    32 19 Okt 20:59 work/j2se/src/share/lib/security/cacerts
                           ^^^^^
Looks pretty empty for me...

Bye/2
---
Michael Reifenberger, Business Development Manager SAP-Basis, Plaut Consulting
Comp: Michael.Reifenberger@plaut.de | Priv: Michael@Reifenberger.com
       http://www.plaut.de           |       http://www.Reifenberger.com