[jdk17u-dev] RFR: 8311644: Server should not send bad_certificate alert when the client does not send any certificates [v2]
Matthias Baesken
mbaesken at openjdk.org
Fri Feb 20 11:39:00 UTC 2026
On Fri, 20 Feb 2026 08:47:38 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
>> I backport this based on the change in 21.
>>
>> Trivial resolve of exception message in src/java.base/share/classes/sun/security/ssl/Alert.java
>>
>> test/jdk/sun/security/ssl/SignatureScheme/SigAlgosExtTestWithTLS12.java
>> test/jdk/sun/security/ssl/SignatureScheme/SigAlgosExtTestWithTLS13.java
>> Resolved Copyright.
>>
>> Update: needed to fix a test. The test came with backport of https://bugs.openjdk.org/browse/JDK-8350807 "Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled" The original 8350807 included the output added by this change, which was removed in the backport. I added it again.
>
> Goetz Lindenmaier has updated the pull request incrementally with one additional commit since the last revision:
>
> Adapt MD5NotAllowedInTLS13CertificateSignature.java
Marked as reviewed by mbaesken (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk17u-dev/pull/4274#pullrequestreview-3831602894
More information about the jdk-updates-dev
mailing list