-
Bug
-
Resolution: Unresolved
-
P4
-
None
-
13, 26
-
None
Spotted while reviewing https://github.com/openjdk/jdk/pull/27093.
If the NewSessionTicket message is lost, the handshake fails on the client side with:
javax.net.ssl.SSLHandshakeException: (decrypt_error) The Finished message cannot be verified.
To reproduce, add the following run line to the PacketLossRetransmission jtreg test:
@run main/othervm PacketLossRetransmission server 4 new_session_ticket
Workaround: avoid sending the NewSessionTicket message by disabling stateless session resumption
If the NewSessionTicket message is lost, the handshake fails on the client side with:
javax.net.ssl.SSLHandshakeException: (decrypt_error) The Finished message cannot be verified.
To reproduce, add the following run line to the PacketLossRetransmission jtreg test:
@run main/othervm PacketLossRetransmission server 4 new_session_ticket
Workaround: avoid sending the NewSessionTicket message by disabling stateless session resumption
- relates to
-
-
- Open
-