JDK-8234949 : Receiving TLS 1.3 connection error when connecting with Golang server
  • Type: Bug
  • Component: security-libs
  • Affected Version: 11.0.5
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: linux_ubuntu
  • CPU: x86_64
  • Submitted: 2019-11-27
  • Updated: 2020-02-19
  • Resolved: 2020-01-13
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 14
14Resolved
Related Reports
Duplicate :  
JDK-8236039 - JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
Description
A DESCRIPTION OF THE PROBLEM :
There seems to be a difference in interpretation over the TLS 1.3 specification which is creating incompatible implementations.

Please see the attached issue for details, reproduction:
https://github.com/golang/go/issues/35722

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
https://github.com/golang/go/issues/35722

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Golang service and Java service can communicate over TLS 1.3.
ACTUAL -
"javax.net.ssl.SSLHandshakeException: extension (5) should not be presented in certificate_request" is produced when establishing a TLS connection with a Golang server. 

FREQUENCY : always
Comments
Further response from the submitter: It ended up being a problem on the Go side. They accepted the issue and pushed a fix in the same github issue that was previously linked (https://github.com/golang/go/issues/35722).
19-02-2020
The test case can be found at: https://github.com/odeke-em/bugs/tree/master/golang/35722 But it seems that there are more information needed to reproduce the failure and test the fix.
20-12-2019