Using java-9-openjdk-9.0.1.11-2.fc27.x86_64, I get the following exception in my application: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty at java.base/java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) Using OpenJDK 8, this doesn't happen. So I wen't looking around, and it turns out that OpenJDK has a "cacerts" symlink in jre/lib/security. This symlink points to /etc/pki/java/cacerts. OpenJDK 9 has no such symlink there. And if I create it myself, the exception goes away. This is a fairly serious problem, as it will likely happen with any sort of SSL communication, incl. HTTPS. And therefore essentially on any network request.
Thak you for report. Will be fixed asap
*** Bug 1514736 has been marked as a duplicate of this bug. ***
Simple reproducer will do: public static void main(String... args) throws IOException{ URL u = new URL("https://www.redhat.com/index.html"); URLConnection c = u.openConnection(); c.connect(); } I'have started to build the packages. Once the builds passed some testing, will post updates.
f27: https://koji.fedoraproject.org/koji/taskinfo?taskID=23288458 f28: https://koji.fedoraproject.org/koji/taskinfo?taskID=23287780 f26: https://koji.fedoraproject.org/koji/taskinfo?taskID=23287675 considering the seriousness, feel free to pretest
java-9-openjdk-9.0.1.11-4.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-3194ce6478
java-9-openjdk-9.0.1.11-4.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-3194ce6478
Sorry, I was out for a bit. Problem seems to be fixed.
java-9-openjdk-9.0.1.11-4.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.