XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Unresolved
    • Icon: P3 P3
    • None
    • None
    • security-libs
    • None

      The parent bug fix has grown large. I'm creating this sub-task to track the specific issue of fixing up how "javax.net.debug=ssl" should work. Problem description as per parent bug

      -Djavax.net.debug=ssl only prints 2 lines of info for below program. In JDK 8u and earlier, verbose ssl info would be available with the same setting and would print 100's of lines of debug data for similar operation.

      $ cat SSLConnect.java
      import java.io.*;
      import java.net.*;
      import javax.net.ssl.*;

      public class SSLConnect {
          public static void main(String[] args) throws Exception {
              URL u = new URL("https://<website>");
              BufferedReader in = new BufferedReader(new InputStreamReader(u.openStream()));
          }
      }

      $ ~/jdk/jdk-11.0.2/bin/java -Djavax.net.debug=ssl SSLConnect
      javax.net.ssl|DEBUG|01|main|2019-04-15 18:45:56.692 IST|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
      javax.net.ssl|DEBUG|01|main|2019-04-15 18:45:57.056 IST|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=bugs.xxxx.java.net) was replaced with (type=host_name (0), value=bugs.xxxx.java.net)

            coffeys Sean Coffey
            coffeys Sean Coffey
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: