The SunJSSE close notification checks for `SSLEngine` to have been made less strict to conform to changes in the Transport Layer Security (TLS) RFCs. See also [JDK-8253368](https://bugs.openjdk.org/browse/JDK-8253368).

        Specifically, if an application tries to close its `SSLEngine` inbound side using `SSLEngine.closeInbound()` without having received a close notification message from its peer, the `SSLEngine` will no longer:

        1. trigger the transmission of a TLS fatal-level alert to the peer, and
        2. invalidate the current TLS session.

        The new behavior will still consider this condition an error and will throw a local `javax.net.ssl.SSLException`. But a fatal-level alert will no longer be generated to be sent to the peer, and the underlying session will remain valid.

        In addition, the internal transport context for the `SSLEngine` will also now be closed. This may result in a different `SSLEngineResult.HandshakeStatus` value on the `SSLEngine`. Any outstanding outbound data must still be obtained (`SSLEngine.wrap()`) and sent in order to gracefully close the connection.

              wetmore Bradford Wetmore
              pkoppula Prasadarao Koppula (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: