[11] RFR: 8205653: test/jdk/sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java and RmiSslBootstrapTest.sh fail with handshake_failure
Daniel Fuchs
daniel.fuchs at oracle.com
Thu Jun 28 15:46:16 UTC 2018
[ccing serviceability-dev at openjdk.java.net]
Hi Siba,
This looks good to me - but I'm not a SSL expert.
It would be good to get someone from the security team eyeball those
changes (Xuelei? Brad?)
I added serviceability-dev at openjdk.java.net in cc as this is where
reviews for JMX/Monitoring changes happen these days...
best regards,
-- daniel
On 28/06/2018 17:10, Sibabrata Sahoo wrote:
> Hi,
>
> Please review the patch for,
>
> JBS: https://bugs.openjdk.java.net/browse/JDK-8205653
>
> Webrev: http://cr.openjdk.java.net/~ssahoo/8205653/webrev.00/
>
> Change:
>
> The Test has been upgraded to address the following 2 cases,
>
> 1. Add protocol support for TLSv1.3. The change is done in the config
> file named “management_ssltest11_ok.properties.in”.
> 2. Add support for legacy TLS. Now a new config file
> “management_ssltest15_ok.properties.in” hold TLS protocol
> “TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA” instead
> of “SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5”.
>
> Previously the Test was using DSA keys which is not compatible with
> TLSv1.3. So the keys has been upgraded to use RSA(2048 bit). Hence the
> instruction in “Readme.txt” changed which generates RSA(2048 bit) keys.
>
> NOTE: Few Test was problem listed which are removed from the list now.
> Mach 5 result PASS with multiple try for all 14 Test belongs to
> “open/test/jdk/sun/management/jmxremote” folder.
>
> Thanks,
>
> Siba
>
More information about the serviceability-dev
mailing list