icedtea6-1.9.3 Build Problem: NoClassDefFoundError: org.apache.xerces.dom.DeferredDocumentImpl
DJ Lucas
dj at lucasit.com
Thu Dec 9 16:42:35 PST 2010
On 12/09/2010 09:58 AM, Pavel Tisnovsky wrote:
> Dr Andrew John Hughes wrote:
>> On 10:37 Thu 09 Dec , Pavel Tisnovsky wrote:
>>> Dr Andrew John Hughes wrote:
>>>> On 18:07 Tue 07 Dec , Andrew Haley wrote:
>>>>> On 12/07/2010 05:57 PM, tjoen wrote:
>>>>>> On Mon, 2010-12-06 at 18:13 -0600, DJ Lucas wrote:
>>>>>>> Please try the installation instructions I currently have in the BLFS
>>>>>>> book prior to asking for support.
>>>>>>> http://www.linuxfromscratch.org/blfs/view/svn/general/icedtea6.html
>>>>>> Thanks for your tip.
>>>>>> Building succeeds now by replacing self compiled xerces by the -bin
>>>>> It would be nice if we could get this stuff in IcedTea. IcedTea already
>>>>> has a bunch of patches, and adding BLFS patches on top of IcedTea patches
>>>>> doesn't sound like a recipe for long-term happiness.
>>>>>
>>>> They are in IcedTea, bar the cacerts one. This needs more
>>>> work/testing to be in a state to be used by everyone. Most distros
>>>> are handling this locally and we need a solution for all if one is to
>>>> go in IcedTea.
>>>>
>>>> I believe Pavel was working on one, but he hasn't responded on it recently.
>>> Yeah I'm slowly working on this. It's quite easy to generate cacerts on
>>> all distros using simple BASH script and keytool (taken from recently
>>> build OpenJDK), but the main problem is that every distro has a set of
>>> certificates located somewhere else and I'm not excited about creating
>>> some sort of big switch in Makefile ;-)
>>>
>>
>> It shouldn't be a big switch in the Makefile, but handled by configure.
>> DJ has a patch:
>>
>> http://www.linuxfromscratch.org/~dj/icedtea6/icedtea6-enable-cacerts.patch
>>
>> which I haven't looked at in detail, but seems to be along the right lines.
>
> It looks good. I'll try to add this patch to IcedTea (locally) and run
> JTreg, because there are more regression test which depends on certificates.
>
> Looks like the script looks for all potential source of certificates,
> which is of course better than switch ;-)
> for file in /etc/pki/tls/certs/ca-bundle.crt \
> /etc/ssl/certs/ca-bundle.crt \
> /etc/ssl/ca-bundle.crt \
> /etc/ca-bundle.crt ; do
>
> Thank you Lucas for the patch!
>
> Pavel
>
Oh, just FYI, I did see a couple of keytool errors using only upstream
Mozilla certs:
keytool error: java.security.NoSuchAlgorithmException: SHA384withECDSA
Signature not available
Not much can be done I'd suspect. Fortunately, I only see four of them
with the following sigs: 116bf586, 7d0b38bd, c089bbbd, and eed8c118.
-- DJ Lucas
--
This message has been scanned for viruses and
dangerous content, and is believed to be clean.
More information about the distro-pkg-dev
mailing list