Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8296820

Add implementation note to SSLContext.getInstance noting subsequent behavior if protocol is disabled

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Unresolved
    • P3
    • None
    • None
    • security-libs

    Description

      SSLContext.getInstance currently throws NoSuchAlgorithmException if a protocol is not supported by any of the configured providers.

      If a protocol is disabled by an implementation, then the getInstance method still succeeds, because there is still a provider configured that supports the protocol.

      However, if the application subsequently tries to use that protocol, an `SSLHandshakeException` will be thrown. This behavior could be seen as a little unexpected, since the `SSLContext` was returned for that protocol.

      Thus, it would be useful to add an implementation note to SSLContext.getInstance noting this behavior.

      Attachments

        Issue Links

          Activity

            People

              mullan Sean Mullan
              mullan Sean Mullan
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: