-
Enhancement
-
Resolution: Fixed
-
P3
-
8, 11, 15
-
b25
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8272365 | 13.0.9 | Alexey Bakhtin | P3 | Resolved | Fixed | b01 |
JDK-8264278 | 11.0.12 | Xuelei Fan | P3 | Resolved | Fixed | b01 |
JDK-8249876 | 11.0.10-oracle | Prasadarao Koppula | P3 | Resolved | Fixed | b01 |
JDK-8248708 | 11.0.9-oracle | Prasadarao Koppula | P3 | Closed | Won't Fix | |
JDK-8265451 | openjdk8u302 | Severin Gehwolf | P3 | Resolved | Fixed | b04 |
JDK-8259547 | 8u291 | Prasadarao Koppula | P3 | Resolved | Fixed | b01 |
JDK-8250262 | 8u281 | Prasadarao Koppula | P3 | Resolved | Fixed | b01 |
JDK-8255924 | 8u271 | Prasadarao Koppula | P3 | Closed | Fixed | b33 |
JDK-8262642 | emb-8u291 | Prasadarao Koppula | P3 | Resolved | Fixed | team |
JDK-8257309 | emb-8u281 | Prasadarao Koppula | P3 | Resolved | Fixed | team |
"Certificate authorities (CAs) which an endpoint supports and which SHOULD be used by the receiving endpoint to guide certificate selection. ... The client MAY send the "certificate_authorities" extension in the ClientHello message. The server MAY send it in the CertificateRequest message."
For TLS 1.2 and prior versions, the certificate selection is guided by the CertificateRequest. While TLS 1.3 move this function to the "certificate_authorities" extension.
The current TLS 1.3 implementation does not support this function, as could lead to certificate selection improperly and thus compatibility issues if upgrade from TLS 1.2 to TLS 1.3.
- backported by
-
JDK-8249876 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8250262 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8257309 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8259547 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8262642 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8264278 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8265451 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8272365 Support the certificate_authorities extension
-
- Resolved
-
-
JDK-8248708 Support the certificate_authorities extension
-
- Closed
-
-
JDK-8255924 Support the certificate_authorities extension
-
- Closed
-
- csr for
-
JDK-8244441 Support the certificate_authorities extension
-
- Closed
-
- relates to
-
JDK-8245848 Document the certificate_authorities extension in JSSE Reference Guides
-
- Resolved
-
-
JDK-8234727 sun/security/ssl/X509TrustManagerImpl tests support TLSv1.3
-
- Resolved
-
-
JDK-8252789 Empty client certificate issue during TLS handshake
-
- Closed
-
-
JDK-8272351 Mutual TLS has stopped working - client certificates using RSA SHA256 not found
-
- Closed
-