A new system property, `jdk.tls.acknowledgeCloseNotify`, has been added. The default value of the system property is `false`. If the system property is set to `true`, a corresponding `close_notify` alert will be sent when receiving a `close_notify` alert, and the connection will be duplex closed.
TLS 1.2 and prior versions use a duplex-close policy, while TLS 1.3 uses a half-close policy. The inbound and the outbound `close_notify` alerts for TLS 1.3 are independent. When upgrading to TLS 1.3, unexpected behavior can occur if your application shuts down the (D)TLS connection by using only one of the `SSLEngine.closeInbound()` or `SSLEngine.closeOutbound()` APIs, but not both in each side of the connection. If your application exhibits unexpected hangs or timeouts when the underlying (D)TLS transportation is not duplex closed, you may need to set this property to `true`.
Note that when a TLS/DTLS connection is no longer needed, the client and server applications should each close both sides of their respective connection.