On Tue, 25 Nov 2025 19:49:20 GMT, Artur Barashev <[email protected]> wrote:
>> The jdk.tls.client.cipherSuites and jdk.tls.server.cipherSuites system >> properties allow a custom set of cipher suites to be used for the default >> JDK SSLContext. If such properties specify cipher suites not supported by >> the JDK, then the JDK falls back to using the default cipher suite list (as >> if no property was specified). This seems like unexpected behavior. > > Artur Barashev has updated the pull request with a new target base due to a > merge or a rebase. The pull request now contains three commits: > > - Fix merge errors > - Merge branch 'master' into JDK-8371688 > > # Conflicts: > # src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java > - 8371688: Unexpected behavior for jdk.tls.client.cipherSuites system > property test/jdk/sun/security/ssl/SSLContextImpl/CustomizedCipherSuites.java line 36: > 34: * TLS_ECDH_anon_WITH_AES_128_CBC_SHA > 35: * @run main/othervm > 36: * -Djdk.tls.client.cipherSuites="unknown" I'm assuming these lines were removed because `"unknown"` is the same as `""`. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/28499#discussion_r2566515101
