Table of Contents

AWS

Migrating to RDS

pg_dump -Fc -v -h [endpoint of instance] -U [master username] [database] > [database].dump
createdb [new database name]
pg_restore -v -h [endpoint of instance] -U [master username] -d [new database name] [database].dump 

java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty on Linux, or why is the default truststore empty

copy C:\Program Files\Java\jdk1.8.0_25\jre\lib\security\cacerts to /var/lib/ca-certificates/java-cacerts from Windows to SUSE

This question already has an answer here: Error - trustAnchors parameter must be non-empty 9 answers

When you google for this exception: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty, multiple results appear. However there is no definitive solution, only guesses.

The problem arises (in my case at least) when I try to use open a connection over SSL. It works fine on my windows machine, but when I deploy it to the linux machine (with sun's jre installed) it fails with the above exception.

The problem is that the default truststore of the JRE is empty for some reason (size of only 32 bytes, whereas it is 80kb on windows).

When I copied my jre/lib/security/cacerts file from windows to linux, it worked fine.

The question is - why is the linux jre having an empty trust store?

Note that this happens on an Amazon EC2 instance, with the AMI linux, so it might be due to some amazon policies (I think java was pre-installed, but I'm not sure)