ca-certificates 20110502+nmu1ubuntu3 (and ca-certificates-java 20110912ubuntu2): Exception in thread "main" java.security.ProviderException: Could not initialize NSS

The following packages will be upgraded:
  ca-certificates ca-certificates-java google-chrome-beta
3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 27.7 MB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue [Y/n]?
Get:1 http://dl.google.com/linux/chrome/deb/ stable/main google-chrome-beta i386 14.0.835.186-r101821 [27.5 MB]
Get:2 http://us.archive.ubuntu.com/ubuntu/ oneiric/main ca-certificates-java all 20110912ubuntu2 [8,070 B]
Get:3 http://us.archive.ubuntu.com/ubuntu/ oneiric/main ca-certificates i386 20110502+nmu1ubuntu3 [164 kB]
Fetched 27.7 MB in 48s (571 kB/s)
Preconfiguring packages ...
(Reading database ... 146120 files and directories currently installed.)
Preparing to replace ca-certificates-java 20110912ubuntu1 (using .../ca-certificates-java_20110912ubuntu2_all.deb) ...
Unpacking replacement ca-certificates-java ...
Preparing to replace ca-certificates 20110502+nmu1 (using .../ca-certificates_20110502+nmu1ubuntu3_i386.deb) ...
Unpacking replacement ca-certificates ...
Preparing to replace google-chrome-beta 14.0.835.163-r101024 (using .../google-chrome-beta_14.0.835.186-r101821_i386.deb) ...
Unpacking replacement google-chrome-beta ...
Processing triggers for man-db ...
Processing triggers for desktop-file-utils ...
Setting up ca-certificates (20110502+nmu1ubuntu3) ...
Clearing symlinks in /etc/ssl/certs...done.
Updating certificates in /etc/ssl/certs... WARNING: Skipping duplicate certificate cert_igca_rsa.pem
WARNING: Skipping duplicate certificate cert_igca_rsa.pem
156 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....
Exception in thread "main" java.security.ProviderException: Could not initialize NSS
 at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:201)
 at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
 at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
 at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
 at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
 at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
 at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:262)
 at sun.security.jca.ProviderConfig$3.run(ProviderConfig.java:244)
 at java.security.AccessController.doPrivileged(Native Method)
 at sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:244)
 at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:224)
 at sun.security.jca.ProviderList.getProvider(ProviderList.java:232)
 at sun.security.jca.ProviderList.getService(ProviderList.java:330)
 at sun.security.jca.GetInstance.getInstance(GetInstance.java:157)
 at java.security.Security.getImpl(Security.java:696)
 at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:130)
 at sun.security.x509.AlgorithmId.decodeParams(AlgorithmId.java:121)
 at sun.security.x509.AlgorithmId.<init>(AlgorithmId.java:114)
 at sun.security.x509.AlgorithmId.parse(AlgorithmId.java:381)
 at sun.security.x509.X509Key.parse(X509Key.java:168)
 at sun.security.x509.CertificateX509Key.<init>(CertificateX509Key.java:75)
 at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:705)
 at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
 at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747)
 at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
 at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:107)
 at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
 at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:763)
 at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
 at java.security.KeyStore.load(KeyStore.java:1201)
 at UpdateCertificates.createKeyStore(UpdateCertificates.java:65)
 at UpdateCertificates.main(UpdateCertificates.java:51)
Caused by: java.io.FileNotFoundException: /usr/lib/i386-linux-gnu/libnss3.so
 at sun.security.pkcs11.Secmod.initialize(Secmod.java:186)
 at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:197)
 ... 31 more
E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
done.
Setting up ca-certificates-java (20110912ubuntu2) ...
Installing new version of config file /etc/ca-certificates/update.d/jks-keystore ...
Setting up google-chrome-beta (14.0.835.186-r101821) ...