[ https://issues.jboss.org/browse/WFCORE-4532?page=com.atlassian.jira.plugi... ] Richard Opalka commented on WFCORE-4532: ---------------------------------------- These three tests mentioned above are passing on Open JDK 13 ea 24. They started to fail with latest Open JDK 13 ea 25. I was debugging TlsTestCase failures and my observation is there was a new feature introduced in JDK 13 ea 25: https://bugs.openjdk.java.net/browse/JDK-8211018 This new feature causes that some SSL sessions are not propagated to sun.security.ssl.SSLSessionContextImpl.sessionCache field. For anybody from our security team that will have a look, for easy and fast investigation you will need: * Open JDK 13 ea 24 installed * Open JDK 13 ea 25 installed Put breakpoints to methods: * sun.security.ssl.Finished.onProduceFinished() * sun.security.ssl.SSLSessionContextImpl.put(SSLSessionImpl) * org.wildfly.extension.elytron.SSLDefinitions (line 904) // performRuntime method of ACTIVE_SESSION_COUNT attribute handler Execute test in debug mode: $ cd wildfly-core/elytron $ mvn clean test -Dtest=**/TlsTestCase#testSslServiceAuth -Dmaven.surefire.debug My observation is that in method sun.security.ssl.Finished.onProduceFinished() there is a new shc.statelessResumption field check that causes SSL session not to be registered into the cache. -- This message was sent by Atlassian Jira (v7.12.1#712002)