JDK-8296134 : Release Note: Disabled DTLS 1.0
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version:
    8u421-perf,11.0.24-oracle,17.0.12-oracle,20 8u421-perf,11.0.24-oracle,17.0.12-oracle,20
  • Priority: P3
  • Status: Resolved
  • Resolution: Delivered
  • Submitted: 2022-10-31
  • Updated: 2024-06-20
  • Resolved: 2022-10-31
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 17 JDK 20 JDK 8
11.0.24-oracleResolved 17.0.12-oracleResolved 20Resolved 8u421-perfResolved
Description
DTLS 1.0 has been disabled by default, by adding "DTLSv1.0" to the `jdk.tls.disabledAlgorithms` security property in the `java.security` configuration file. DTLS 1.0 has weakened over time and lacks support for stronger cipher suites. Any attempts to use DTLSv1.0 will fail with an `SSLHandshakeException`. Users can, at their own risk, re-enable the version by removing "DTLSv1.0" from the `jdk.tls.disabledAlgorithms` security property.