JDK-8173597 : Release Note: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 9.0.4,10
  • Priority: P3
  • Status: Closed
  • Resolution: Delivered
  • Submitted: 2017-01-28
  • Updated: 2022-06-27
  • Resolved: 2017-05-16
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 10 JDK 8 JDK 9
10Resolved 8u161Resolved 9.0.4Resolved
Description
The JDK SunJSSE implementation now supports the TLS FFDHE mechanisms defined in RFC 7919.  If a server cannot process the `supported_groups` TLS extension or the named groups in the extension, applications can either customize the supported group names with `jdk.tls.namedGroups`, or turn off the FFDHE mechanisms by setting the System Property `jsse.enableFFDHEExtension` to `false`.