@raboof thanks for your answer. Unfortunately I can’t give you much of a response, as I’m really new to this ecosystem (Android, actually) and really don’t know what’s what, yet. I’m really just trying to follow the onboarding steps and adapt them to NixOS. I don’t know what these certificates will be used for.
I’ll keep your answer in mind though. Maybe it’ll become clearer in the coming weeks
Anyway, I seem to have found a solution using a very different approach, which seems to also work for the oracle jdks (not sure any of the other advice here would). Please feel free to have a look and comment on that: Altering package (oraclejdk11) installation fails - #2 by mvb
I have just discovered this today, sorry for necro-thread! I also need to add a custom root certificate to my JDK so that Keycloak can communicate with LDAP over SSL.
Sadly, it doesn’t work if I have stuff in a flake. I end up with a failure:
building the system configuration...
error:
… while calling the 'head' builtin
at /nix/store/lzhqf5y9dcgfkg5f7f96jjc814pgrsqy-source/lib/attrsets.nix:1575:11:
1574| || pred here (elemAt values 1) (head values) then
1575| head values
| ^
1576| else
… while evaluating the attribute 'value'
at /nix/store/lzhqf5y9dcgfkg5f7f96jjc814pgrsqy-source/lib/modules.nix:809:9:
808| in warnDeprecation opt //
809| { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
| ^
810| inherit (res.defsFinal') highestPrio;
(stack trace truncated; use '--show-trace' to show the full trace)
error: attribute 'system' missing
at /nix/store/lzhqf5y9dcgfkg5f7f96jjc814pgrsqy-source/lib/modules.nix:508:28:
507| builtins.addErrorContext (context name)
508| (args.${name} or config._module.args.${name})
| ^
509| ) (lib.functionArgs f);