-
Enhancement
-
Resolution: Fixed
-
P3
-
7-pool, 8-pool, 11-pool, 15-pool, 16-pool, 17-pool, 20-pool, 21-pool
-
b22
Add support for separate TLS client vs server certificate chain lengths, as opposed to (and in addition to) the current single global limit configured via jdk.tls.maxCertificateChainLength.
Provide new system properties: jdk.tls.client.maxInboundCertificateChainLength and jdk.tls.server.maxInboundCertificateChainLength.
- jdk.tls.client.maxInboundCertificateChainLength property: when in client side, it enforces a maximum certificate chain length accepted from servers.
- jdk.tls.server.maxInboundCertificateChainLength property: when in server side, it enforces a maximum certificate chain length accepted from clients.
Provide new system properties: jdk.tls.client.maxInboundCertificateChainLength and jdk.tls.server.maxInboundCertificateChainLength.
- jdk.tls.client.maxInboundCertificateChainLength property: when in client side, it enforces a maximum certificate chain length accepted from servers.
- jdk.tls.server.maxInboundCertificateChainLength property: when in server side, it enforces a maximum certificate chain length accepted from clients.
- csr for
-
JDK-8313236 Add separate system properties for TLS server and client for maximum chain length
- Closed
There are no Sub-Tasks for this issue.