With this update, the logic looks like: if TLSv1.3 is not enabled in the
SSLContext, use TLSv1.2 instead; Otherwise, use TLSv1.3 and TLSv1.2.
There may be a couple of issues:
1. TLSv1.2 may be not enabled, although TLSv1.3 is enabled.
For example:
System.setProperty("jdk.tls.client.protocols
Cross-posting to security-dev as this involves TLS/SSL configuration.
--Sean
On 3/26/20 10:02 AM, rahul.r.ya...@oracle.com wrote:
Hello,
Request to have my fix reviewed for issues:
JDK-8239595 : ssl context version is not respected
JDK-8239594 : jdk.tls.client.protocols is not respe
I think you should mark one of the two bugs a duplicate. Typically I
mark the more recent one as a duplicate, unless there is a good reason
to do otherwise.
--Sean
On 3/26/20 12:28 PM, Sean Mullan wrote:
Cross-posting to security-dev as this involves TLS/SSL configuration.
--Sean
On 3/26/20
