In the Readme.Debian file for ca-certificates-java it states:- ca-certificates-local doesn't automagically handle local certificates although these are not overwritten on updates. So how are local certificates supposed to be handled? It seems strange that java should handle certificates, or rather the list of certificates to handle, differently from the rest of the system. David