[jdk17u-dev] RFR: 8350807: Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled

Matthias Baesken mbaesken at openjdk.org
Mon Sep 1 13:40:48 UTC 2025


On Mon, 1 Sep 2025 12:10:41 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:

> I would like to backport this to 17, too.  The backport is based on the push to 21.
> 
> I had to resolve larger chunks in CertificateMessage.java
> 
> Also, I had to adapt the tests as https://bugs.openjdk.org/browse/JDK-8282723 "Add constructors taking a cause to JSSE exceptions" is not in 17 and the message text reads differently.
> 
> For each there is an extra commit.

Marked as reviewed by mbaesken (Reviewer).

-------------

PR Review: https://git.openjdk.org/jdk17u-dev/pull/3879#pullrequestreview-3173718786


More information about the jdk-updates-dev mailing list