trustAnchors parameter must be non-empty

Michael Hall mik3hall at
Sat Mar 3 17:43:18 PST 2012

On Mar 3, 2012, at 7:38 PM, David Schlosnagle wrote:

> On Sat, Mar 3, 2012 at 6:38 PM, Michael Hall <mik3hall at> wrote:
>> Running into this...
>> Caused by: the trustAnchors parameter must be non-empty
>> trying to use some Google data stuff.
>> Appears to be the same error as...
>> but that is closed as a duplicate to 7114062 which for some reason I can't look at?
>> This bug is not available.
> By default, the OpenJDK build creates an empty trusted certificate
> authority keystore ($JAVA_HOME/jre/lib/security/cacerts), so if you
> attempt to do anything that would use those trusted certificates (e.g.
> SSL, for certificate chain validations), it will fail with the
> " the trustAnchors
> parameter must be non-empty" exception. I've run into this issue
> before during the build when using OpenJDK as a bootstrap for another
> OpenJDK build [1]. I'd suggest you look at importing the appropriate
> certificates into your cacerts via keytool, or use the
> system property to point at an existing valid
> keystore.

Thanks for the detailed response. I will consider the workarounds when I try this again. For the time being I had gone back to Apple's 1.6.

More information about the macosx-port-dev mailing list