-
Type:
Enhancement
-
Resolution: Unresolved
-
Priority:
P3
-
None
-
Affects Version/s: None
-
Component/s: security-libs
SSLContext.getInstance currently throws NoSuchAlgorithmException if a protocol is not supported by any of the configured providers.
If a protocol is disabled by an implementation, then the getInstance method still succeeds, because there is still a provider configured that supports the protocol.
However, if the application subsequently tries to use that protocol, an `SSLHandshakeException` will be thrown. This behavior could be seen as a little unexpected, since the `SSLContext` was returned for that protocol.
Thus, it would be useful to add an implementation note to SSLContext.getInstance noting this behavior.
If a protocol is disabled by an implementation, then the getInstance method still succeeds, because there is still a provider configured that supports the protocol.
However, if the application subsequently tries to use that protocol, an `SSLHandshakeException` will be thrown. This behavior could be seen as a little unexpected, since the `SSLContext` was returned for that protocol.
Thus, it would be useful to add an implementation note to SSLContext.getInstance noting this behavior.
- relates to
-
-
- Resolved
-
- links to
-
Review
openjdk/jdk/11172