JDK-8242141 : New System Properties to configure the TLS signature schemes
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed. Resolved: Release in which this issue/RFE has been resolved. Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
There is third party's TLS applications that do not accept some signature schemes. A workaround is needed before the problem get fixed.
[~mbalao] Approved. I've created JDK-8259998 for you and added the CSR link. It should get resolved properly on push.
Fix request (8u)
I'd like to have this enhancement approved for 8u. The reasons are to improve interoperability with other TLS implementations and to keep parity with other JDKs. While the patch does not apply cleanly, a proposal has been review-approved here: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013334.html In regards to the CSR for 8u, the existing one (JDK-8245536) applies to OpenJDK so I'll link it from the backport ticket if this request is approved.
FYI, CSR done by Oracle for 11 and 8 is here: https://bugs.openjdk.java.net/browse/JDK-8245536
Fix request (13u):
I would like to add this fix to 13.0.4 for parity with 11u. The original change applies almost cleanly, except a context difference
jdk11 backport request
I would like to have the patch in OpenJDK11 as well (for better parity with 11.0.8_oracle). The patch needs small adjustments in src/java.base/share/classes/sun/security/ssl/SSLServerSocketImpl.java and src/java.base/share/classes/sun/security/ssl/SignatureScheme.java , RFR : https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2020-May/003111.html
I think we should create a CSR for the 11u backport even though Oracle didn't do that.