RFR: 8351354: Enhance java -XshowSettings:security:tls to show enabled TLS groups and signature algorithms

Sean Coffey coffeys at openjdk.org
Mon Jul 28 13:15:57 UTC 2025


On Tue, 8 Jul 2025 05:13:49 GMT, Jaikiran Pai <jpai at openjdk.org> wrote:

> Hello Matthew, In recent times we have been adding more of these configuration debugging into the -XshowSettings option. I'm unusure to what extent this option should be advertized or used for gathering such details of the runtime. Would this be more suitable to be done as a `jcmd` command? Something like a `jcmd <pid> VM.security_configuration`? To me, that feels like a more natural place to be adding support for details like these. More so because I think it's very rare for applications to be launching the JVM with the `-XshowSettings` option.

It's a fair point Jai. Obtaining such data in a live JVM can be useful. IMO, it's also useful to have it recorded in launcher logs so perhaps both approaches are warranted (maybe a follow on JBS enhancement where jcmd can replay the XshowSettings launcher data ?)

@mpdonova  - do you plan to have some test coverage to track this addition ? Perhaps you could edit the original two test files at https://github.com/openjdk/jdk/commit/2e12a123c9955b7360fd752a6a33d59b6271c5af

-------------

PR Comment: https://git.openjdk.org/jdk/pull/24424#issuecomment-3127191512


More information about the core-libs-dev mailing list