[jdk17u-dev] Integrated: 8350807: Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled

Goetz Lindenmaier goetz at openjdk.org
Tue Sep 2 08:40:50 UTC 2025


On Mon, 1 Sep 2025 12:10:41 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:

> I would like to backport this to 17, too.  The backport is based on the push to 21.
> 
> I had to resolve larger chunks in CertificateMessage.java
> 
> Also, I had to adapt the tests as https://bugs.openjdk.org/browse/JDK-8282723 "Add constructors taking a cause to JSSE exceptions" is not in 17 and the message text reads differently.
> 
> For each there is an extra commit.

This pull request has now been integrated.

Changeset: c6e19d63
Author:    Goetz Lindenmaier <goetz at openjdk.org>
URL:       https://git.openjdk.org/jdk17u-dev/commit/c6e19d6330e8474d97d791e2f7a476bd953562c7
Stats:     486 lines in 16 files changed: 300 ins; 132 del; 54 mod

8350807: Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled

Reviewed-by: mbaesken
Backport-of: 1cdf8f5497f2b986c13a1c263d806a31d67fe015

-------------

PR: https://git.openjdk.org/jdk17u-dev/pull/3879


More information about the jdk-updates-dev mailing list