JDK-8245077 : Release Note: Default SSLEngine Should Create in Server Role
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 8u261,11.0.8-oracle,14.0.2,15
  • Priority: P3
  • Status: Closed
  • Resolution: Delivered
  • Submitted: 2020-05-15
  • Updated: 2022-06-25
  • Resolved: 2021-12-02
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 14 JDK 15 JDK 8
11.0.8-oracleResolved 14.0.2Resolved 15Resolved 8u261Resolved
Description
In JDK 11 and later, `javax.net.ssl.SSLEngine` by default used client mode when handshaking. As a result, the set of default enabled protocols may differ to what is expected. `SSLEngine` would usually be used in server mode. From this JDK release onwards, `SSLEngine` will default to server mode. The `javax.net.ssl.SSLEngine.setUseClientMode​(boolean mode)` method may be used to configure the mode.