Code Review Request, JDK-8207029 Unable to use custom SSLEngine with default TrustManagerFactory after updating to JDK 11 b21

Xuelei Fan at
Thu Jul 12 13:33:22 UTC 2018

Hi Alan,

Yes, it is likely to introduce the issue again.  We should consider a 
regression test.  I just filed a follow-up bug in the JBS:


On 7/11/2018 11:53 PM, Alan Bateman wrote:
> On 12/07/2018 05:47, Xuelei Fan wrote:
>> Hi,
>> Please review the update:
>> It's an interesting user case of the TrustManagerFactory and 
>> KeyManagerFactory.  The KeyManager or TrustManager implementation may 
>> be not implemented in the same provider as SSLSocket/SSLEngine.
>> See also 
> Xuelei - is there follow-up work to develop some tests that use custom 
> KeyManager or TrustManager implementations that are in different 
> providers to the SSLEngine. I realize not many will do that but it seems 
> easy to break these type of scenarios if we don't have tests.
> -Alan.

More information about the security-dev mailing list