JDK-8281290 : Release Note: (D)TLS Signature Schemes
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 19
  • Priority: P3
  • Status: Closed
  • Resolution: Delivered
  • Submitted: 2022-02-04
  • Updated: 2022-09-06
  • Resolved: 2022-03-21
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 19
19Resolved
Description
New Java SE APIs, `javax.net.ssl.getSignatureSchemes()` and `javax.net.ssl.setSignatureSchemes()`, have been added to allow applications to customize the signature schemes used in individual TLS or DTLS connections.

Note that the underlying provider may define the default signature schemes for each TLS or DTLS connection.  Applications may also use the existing "jdk.tls.client.SignatureSchemes" and/or "jdk.tls.server.SignatureSchemes" system properties to customize the provider-specific default signature schemes.  If not `null`, the signature schemes passed to the `setSignatureSchemes()` method will override the default signature schemes for the specified TLS or DTLS connections.

Note that a provider may not have been updated to support the new APIs and in that case may ignore the signature schemes that are set. The JDK `SunJSSE` provider supports this method. It is recommended that 3rd party providers add support for these methods when they add support for JDK 19 or later releases.