[Java SE] TLS 1.3 Handshake Failing For Middlebox Compatibility Mode
(Doc ID 3016653.1)
Last updated on APRIL 30, 2024
Applies to:
Java SE JDK and JRE - Version 8 and laterInformation in this document applies to any platform.
Symptoms
An implementation of TLS 1.3 (RFC 8446) has been included in JDK 8 based on RFC 8446 specification.
According to RFC 8446 (Transport Layer Security (TLS) Protocol Version 1.3) Appendix D.4 (Middlebox Compatibility Mode), if the client sends a non-empty session ID in the ClientHello message, the server sends a dummy change_cipher_spec (CCS) record immediately after its first handshake message. This may either be after a ServerHello or a HelloRetryRequest. However, while verifying this feature, it was found that the JDK server failed to send a dummy change_cipher_spec record after receiving the HelloRetryRequest message.
Changes
TLS 1.3 implementation included in JDK version 8u261.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |