Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8217633 Configurable extensions with system properties
  3. JDK-8260310

Release Note: Configurable Extensions With System Properties

    XMLWordPrintable

    Details

      Description

      Two new system properties have been added. The system property, `jdk.tls.client.disableExtensions`, is used to disable TLS extensions used in the client. The system property, `jdk.tls.server.disableExtensions`, is used to disable TLS extensions used in the server. If an extension is disabled, it will be neither produced nor processed in the handshake messages.

      The property string is a list of comma separated standard TLS extension names, as registered in the IANA documentation (for example, server_name, status_request, and signature_algorithms_cert). Note that the extension names are case sensitive. Unknown, unsupported, misspelled and duplicated TLS extension name tokens will be ignored.

      Please note that the impact of blocking TLS extensions is complicated. For example, a TLS connection may not be able to be established if a mandatory extension is disabled. Please do not disable mandatory extensions, and do not use this feature unless you clearly understand the impact.

        Attachments

          Activity

            People

            Assignee:
            xuelei Xue-Lei Fan
            Reporter:
            xuelei Xue-Lei Fan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: