[jdk11u-dev] Integrated: 8245545: Disable TLS_RSA cipher suites
David Sladký
duke at openjdk.org
Wed Dec 3 13:31:04 UTC 2025
On Thu, 20 Nov 2025 15:09:24 GMT, David Sladký <duke at openjdk.org> wrote:
> Backport of [JDK-8245545](https://bugs.openjdk.org/browse/JDK-8245545) - Disable TLS_RSA cipher suites
>
> Some TLS suites do not preserve forward-secrecy and are not commonly used - and should not be used.
>
> Not clean back port. This includes:
> - Selection of disabled tests and some include that is in jdk11 but not in jdk17.
> - Changed indentation of edited block of string defining disabled cipher suites.
> - Bunch of copyright notices.
>
> Tested on Fedora 43:
> - gtests passed
> - T1 have same fails before and after the back port -> not related to this.
> - jtreg:test/jdk/sun/security passed.
> - jtreg:test/jdk/javax/net/ssl passed.
> - Github Actions passed.
This pull request has now been integrated.
Changeset: 463e25fb
Author: David Sladký <sladky.david at proton.me>
Committer: Andrew John Hughes <andrew at openjdk.org>
URL: https://git.openjdk.org/jdk11u-dev/commit/463e25fb4c6ae3ba5f4d0ba6616cf92863831cff
Stats: 83 lines in 13 files changed: 36 ins; 18 del; 29 mod
8245545: Disable TLS_RSA cipher suites
Reviewed-by: andrew
Backport-of: b838ae0a7bbe34f345a4d56af21df4badce0caf2
-------------
PR: https://git.openjdk.org/jdk11u-dev/pull/3124
More information about the jdk-updates-dev
mailing list