RFR: 8371688: Unexpected behavior for jdk.tls.client.cipherSuites system property [v2]
Mark Powers
mpowers at openjdk.org
Wed Nov 26 21:13:49 UTC 2025
On Tue, 25 Nov 2025 19:49:20 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> The jdk.tls.client.cipherSuites and jdk.tls.server.cipherSuites system properties allow a custom set of cipher suites to be used for the default JDK SSLContext. If such properties specify cipher suites not supported by the JDK, then the JDK falls back to using the default cipher suite list (as if no property was specified). This seems like unexpected behavior.
>
> Artur Barashev has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>
> - Fix merge errors
> - Merge branch 'master' into JDK-8371688
>
> # Conflicts:
> # src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
> - 8371688: Unexpected behavior for jdk.tls.client.cipherSuites system property
Marked as reviewed by mpowers (Committer).
test/jdk/sun/security/ssl/SSLContextImpl/NoSupportedCipherSuites.java line 31:
> 29: * @test
> 30: * @bug 8371688
> 31: * @summary Unexpected behavior for jdk.tls.client.cipherSuites system property
Should say client and server properties.
-------------
PR Review: https://git.openjdk.org/jdk/pull/28499#pullrequestreview-3512762203
PR Review Comment: https://git.openjdk.org/jdk/pull/28499#discussion_r2566499894
More information about the security-dev
mailing list