Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8157712

Deprecate the javax.security.cert and com.sun.net.ssl APIs with forRemoval=true

    Details

    • Subcomponent:
    • Resolved In Build:
      b127
    • Verification:
      Not verified

      Description

      JSSE 1.0.x was an unbundled release that provided JDK 1.2/1.3 with SSL/TLS, and was eventually bundled in JDK 1.4.

      The com.sun.net.ssl APIs were deprecated in 1.4, but were left for backwards compatibility with JSSE 1.0.x applications. They were never part of the 1.4+ API set.

          * @deprecated As of JDK 1.4, this implementation-specific class was
          * replaced by {@link javax.net.ssl.X509TrustManager}.

      In JDK 9, com.sun.net.ssl are not exported in java.base, and any ancient application would need -XaddExports.

      The javax.security.cert APIs were deprecated in 1.9 but have had the following warning (since 1.4.2) in the description of each class:

          Note: The classes in the package javax.security.cert exist for compatibility with earlier versions of the Java Secure Sockets Extension (JSSE).
          New applications should instead use the standard Java SE certificate classes located in java.security.cert.

      Since these earlier versions of JSSE are no longer maintained or supported, there is no reason to retain these packages for compatibility and they should be removed in a future release.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                xuelei Xue-Lei Fan
                Reporter:
                mullan Sean Mullan
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: