JDK-8241039 : Retire the deprecated SSLSession.getPeerCertificateChain() method
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2020-03-14
  • Updated: 2023-11-09
  • Resolved: 2020-03-20
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 15
15 b16Fixed
Related Reports
CSR :  
Relates :  
Sub Tasks
JDK-8241048 :  
Description
The deprecated SSLSession.getPeerCertificateChain() method is using the deprecated javax.security.cert.X509Certificate.  As it is an interface method, removing this method would cause compiler error for old implementations. The compiler compatibility impact make it hard to remove the deprecated package javax.security.cert in JDK (see JDK-8227024).

However, we need to move forward to clear deprecated APIs.   To make it, we may be able to go with having default getPeerCertificateChain() method , throwing exception in the default implementation, and removing the real implementation in the providers.  As would reduce the source code compatibility risks.  We may come back to remove the deprecated package javax.security.cert in a few years.

Comments
URL: https://hg.openjdk.java.net/jdk/jdk/rev/47cea54e6ba1 User: xuelei Date: 2020-03-20 16:15:17 +0000
20-03-2020