On Fri, 7 Jul 2023 13:40:53 GMT, Sean Coffey <coff...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/launcher/SecuritySettings.java line 123: >> >>> 121: } >>> 122: >>> 123: ostream.println(INDENT + "Security TLS configuration:"); >> >> What about also noting the name of the TLS/JSSE provider in this line, for >> example: >> >> "Security TLS configuration (SunJSSE provider):" >> >> This would be useful information if a customer is using a 3rd party JSSE >> provider, and it is selected before SunJSSE, as the defaults in that case >> may be different. > > good suggestion Sean. Patch updated. I think we need to harden this area of code actually. Some JDK configurations may not have an SSL provider. e.g. (removing JSSE from config) See "java -X" for verbose security settings options Security provider static configuration: (in order of preference) Provider name: SUN Provider name: SunRsaSign Exception in thread "main" java.lang.InternalError: Failed to create SSL socket at java.base/sun.launcher.SecuritySettings.printSecurityTLSConfig(SecuritySettings.java:121) at java.base/sun.launcher.SecuritySettings.printSecuritySummarySettings(SecuritySettings.java:75) at java.base/sun.launcher.LauncherHelper.showSettings(LauncherHelper.java:188) ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/14394#discussion_r1255945485