Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Duplicate
Priority: P3
Fix Version/s: 17
Affects Version/s: 8u261, 11, 16
Component/s: security-libs
Labels:

Subcomponent:
javax.net.ssl
Introduced In Build:
b05
Introduced In Version:

8u261

Description

ADDITIONAL SYSTEM INFORMATION :
CentOS Linux release 8.0.1905
MacOS catalina 10.15.7

A DESCRIPTION OF THE PROBLEM :
In this version TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 and TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 are incompatible with previous.
Some HTTPS sites, for example, https://fcm.googleapis.com, returns the handshake error when using these two ciphers.

REGRESSION : Last worked in version 8

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Use TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 as supported cipher to connect https://fcm.googleapis.com. And will receive a TLS handshake error.

---------- BEGIN SOURCE ----------
@Test
    public void sslSocketTest() throws IOException {
        SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
        socket.setEnabledCipherSuites(new String[] {
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        });
        InetSocketAddress socketAddress =new InetSocketAddress("fcm.googleapis.com",443);
        socket.connect(socketAddress);
        socket.startHandshake();
        socket.close();
    }
---------- END SOURCE ----------

FREQUENCY : always

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Main.java
0.6 kB
2020-12-07 05:07

Issue Links

duplicates

JDK-8217633 Configurable extensions with system properties

Resolved

Activity

People

Assignee:: Xuelei Fan

Reporter:: Webbug Group

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2020-12-05 21:55

Updated:: 2020-12-09 23:08

Resolved:: 2020-12-09 11:36