icedtea6-1.9.3 Build Problem: NoClassDefFoundError: org.apache.xerces.dom.DeferredDocumentImpl

DJ Lucas dj at
Thu Dec 9 16:42:35 PST 2010

On 12/09/2010 09:58 AM, Pavel Tisnovsky wrote:
> Dr Andrew John Hughes wrote:
>> On 10:37 Thu 09 Dec     , Pavel Tisnovsky wrote:
>>> Dr Andrew John Hughes wrote:
>>>> On 18:07 Tue 07 Dec     , Andrew Haley wrote:
>>>>> On 12/07/2010 05:57 PM, tjoen wrote:
>>>>>> On Mon, 2010-12-06 at 18:13 -0600, DJ Lucas wrote:
>>>>>>> Please try the installation instructions I currently have in the BLFS
>>>>>>> book prior to asking for support.
>>>>>> Thanks for your tip.
>>>>>> Building succeeds now by replacing self compiled xerces by the -bin
>>>>> It would be nice if we could get this stuff in IcedTea.  IcedTea already
>>>>> has a bunch of patches, and adding BLFS patches on top of IcedTea patches
>>>>> doesn't sound like a recipe for long-term happiness.
>>>> They are in IcedTea, bar the cacerts one.  This needs more
>>>> work/testing to be in a state to be used by everyone.  Most distros
>>>> are handling this locally and we need a solution for all if one is to
>>>> go in IcedTea.
>>>> I believe Pavel was working on one, but he hasn't responded on it recently.
>>> Yeah I'm slowly working on this. It's quite easy to generate cacerts on
>>> all distros using simple BASH script and keytool (taken from recently
>>> build OpenJDK), but the main problem is that every distro has a set of
>>> certificates located somewhere else and I'm not excited about creating
>>> some sort of big switch in Makefile ;-)
>> It shouldn't be a big switch in the Makefile, but handled by configure.
>> DJ has a patch:
>> which I haven't looked at in detail, but seems to be along the right lines.
> It looks good. I'll try to add this patch to IcedTea (locally) and run
> JTreg, because there are more regression test which depends on certificates.
> Looks like the script looks for all potential source of certificates,
> which is of course better than switch ;-)
>     for file in /etc/pki/tls/certs/ca-bundle.crt \
>       /etc/ssl/certs/ca-bundle.crt \
>       /etc/ssl/ca-bundle.crt \
>       /etc/ca-bundle.crt ; do
> Thank you Lucas for the patch!
> Pavel

Oh, just FYI, I did see a couple of keytool errors using only upstream
Mozilla certs:

keytool error: SHA384withECDSA
Signature not available

Not much can be done I'd suspect. Fortunately, I only see four of them
with the following sigs: 116bf586, 7d0b38bd, c089bbbd, and eed8c118.

-- DJ Lucas

This message has been scanned for viruses and
dangerous content, and is believed to be clean.

More information about the distro-pkg-dev mailing list