DDEV mkcert -install fails or hangs when JAVA_HOME misconfigured

Question

I'm trying to setup my local env using ddev and I'm having trouble with keytool.

I've been googling around (And also asked ChatGPT) but I can't find the solution.

The problem I have is that when I use ddev start I get an error related to keytool -list.

When I try the command keytool -list outside of ddev I get asked for the keystore password... I was hoping to configure this information in some file inside .ddev but I can't figure it out.

Thanks!

Answer 1

TL;DR

One way to fix this is to delete the .ddev configuration directory in the home directory: ~/.ddev and then restart the app (ddev start). Note that deleting the config directory will reset all the global ddev settings, so make a backup (or move the directory instead of deleting it).

Full explanation:

I got the following error when running ddev start:

Failed to create certificates for project, check mkcert operation: ERROR: failed to execute "keytool -list": exit status 1

keytool error: java.lang.Exception: Keystore file does not exist: 

; err=exit status 1 

This was caused by $JAVA_HOME not being set correctly. I could confirm this by running keytool -list on the command line (in my case, on macOS), which gave the error:

keytool error: java.lang.Exception: Keystore file does not exist: /Users/private/.keystore

In my case, the problem was that I had originally installed openjdk with brew, and I uninstalled it and installed then installed openjdk@21 to get an Android app to build.

In my case, I fixed this by deleting the .ddev configuration directory in the home directory: ~/.ddev and then restarting my ddev app. Note that deleting the config directory will reset all the global ddev settings, so make a backup (or move the directory instead of deleting it).

Answer 2

I had a similar (maybe the same) problem today.

As mentioned in other comments the problem is related to the JAVA_HOME environment variable and is not caused by DDEV, but simply by the users environment.

In my case i had

export JAVA_HOME=$(readlink -f /usr/bin/javac | sed "s:/bin/javac::")

in my .profile, but apparently no longer had javac installed, which caused JAVA_HOME to be set to /usr.

Replacing that with

export JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:/bin/java::")

solved the problem. Any other way to set the corrent JAVA_HOME will work as well. Unsetting JAVA_HOME (setting to an empty value, export JAVA_HOME=) works too.

The problem also does not only happen on ddev start, but can be seen during the setup step mkcert -install as well (mkcert is installed by ddev in my case, Ubuntu 24.04).

I was able to easily reproduce the problem:

$ export JAVA_HOME=/usr
$ mkcert -install
The local CA is already installed in the system trust store! 👍
The local CA is already installed in the Firefox and/or Chrome/Chromium trust store! 👍
ERROR: failed to execute "keytool -list": exit status 1

keytool error: java.lang.Exception: Keystore file does not exist: 

$ export JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:/bin/java::")
$ mkcert -install
The local CA is already installed in the system trust store! 👍
The local CA is already installed in the Firefox and/or Chrome/Chromium trust store! 👍
The local CA is already installed in Java's trust store! 👍