2024年2月16日 星期五

Java 8u261以上才支援SHA384WithECDSA

https://www.oracle.com/java/technologies/javase/8all-relnotes.html#R180_261

security-libs/javax.net.ssl

➜ Increase the priorities of GCM cipher suites

In TLS, a ciphersuite defines a specific set of cryptography algorithms used in a TLS connection. JSSE maintains a prioritized list of ciphersuites. In this update, GCM-based cipher suites are configured as the most preferable default cipher suites in the SunJSSE provider.


In the SunJSSE provider, the following ciphersuites are now the most preferred by default:

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

https://github.com/AdoptOpenJDK/openjdk-jdk8u/blob/master/jdk/src/share/classes/sun/security/ssl/CipherSuite.java