[jboss-jira] [JBoss JIRA] (WFLY-10945) JDK11 ws testsuite SSL failures
Martin Choma (Jira)
issues at jboss.org
Mon Oct 8 12:41:00 EDT 2018
[ https://issues.jboss.org/browse/WFLY-10945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13644740#comment-13644740 ]
Martin Choma commented on WFLY-10945:
-------------------------------------
Looking into modules/system/layers/base/org/bouncycastle/main and I see
* META-INF/services/java.security.Provider defined in bcprov-jdk15on-1.60.0.redhat-00001.jar
* this snippet in module.xml
{noformat}
<provides>
<service name="java.security.Provider">
<with-class name="org.bouncycastle.jce.provider.BouncyCastleProvider"/>
<with-class name="org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider"/>
</service>
</provides>
{noformat}
That mean BouncyCastle is registered in JDK9+ automatically on server. BecauseIn JDK9+ providers started to be loaded also with service loader mechanism.
> JDK11 ws testsuite SSL failures
> -------------------------------
>
> Key: WFLY-10945
> URL: https://issues.jboss.org/browse/WFLY-10945
> Project: WildFly
> Issue Type: Sub-task
> Components: Test Suite
> Affects Versions: 14.0.0.Beta2
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Priority: Blocker
> Fix For: 15.0.0.Alpha1
>
>
> ws testsuite failures on JDK-11:
> * missing local IP in SubjectAlternativeNamesExtension
> * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + TLS1.2 seems buggy on JDK-11: Invalid ECDH ServerKeyExchange signature
> * not issue after switching to TLS1.1 or to ciphersuite TLS_RSA_WITH_AES_256_CBC_SHA256 -> JDK bug
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list