Home java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty on Linux, or why is the default truststore empty
Reply: 0

java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty on Linux, or why is the default truststore empty

user1338
1#
user1338 Published in June 23, 2018, 5:31 pm

This question already has an answer here:

  • Error - trustAnchors parameter must be non-empty 32 answers

When you google for this exception: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty, multiple results appear. However there is no definitive solution, only guesses.

The problem arises (in my case at least) when I try to use open a connection over SSL. It works fine on my windows machine, but when I deploy it to the linux machine (with sun's jre installed) it fails with the above exception.

The problem is that the default truststore of the JRE is empty for some reason (size of only 32 bytes, whereas it is 80kb on windows).

When I copied my jre/lib/security/cacerts file from windows to linux, it worked fine.

The question is - why is the linux jre having an empty trust store?

Note that this happens on an Amazon EC2 instance, with the AMI linux, so it might be due to some amazon policies (I think java was pre-installed, but I'm not sure)

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.410604 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO