On Fri, 1 Aug 2025 15:28:01 GMT, Sean Mullan <mul...@openjdk.org> wrote:
> Thanks for the latest screenshot. I don't think the signature algorithms > should be "none". If we can't access the provider-specific defaults, then I > think we should omit this information for now. @artur-oracle or @haimaychao > can you check this out and see if there is a way to get those defaults? > Thanks. https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/javax/net/ssl/SSLParameters.java#L852 https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/javax/net/ssl/SSLParameters.java#L868 So if we never call `setSignatureSchemes()` on the `SSLParameters`, then `getSignatureSchemes()` will return null. But it doesn't mean no signature schemes are used, and it means underlying provider-specific default signature schemes will be used over the TLS connections. We may use `System.getProperty("jdk.tls.client.SignatureSchemes")`, but it works if the property has been set. It seems no public API we can use to query it directly. ------------- PR Comment: https://git.openjdk.org/jdk/pull/24424#issuecomment-3145519481
