On Fri, 1 Aug 2025 19:08:22 GMT, Hai-May Chao <hc...@openjdk.org> wrote:
> Thanks for the latest screenshot. I don't think the signature algorithms > should be "none". If we can't access the provider-specific defaults, then I > think we should omit this information for now. @artur-oracle or @haimaychao > can you check this out and see if there is a way to get those defaults? > Thanks. We actually have 2 lists of signature algorithms: one for the handshake and another for certificates. Both lists are being constructed only during the TLS handshake (see `SignatureScheme.updateHandshakeLocalSupportedAlgs` method). There is no public API currently to get those lists, although it shouldn't be hard to add such API call. The code currently being reviewed should only display signature schemes set with `jdk.tls.client.SignatureSchemes` system property. ------------- PR Comment: https://git.openjdk.org/jdk/pull/24424#issuecomment-3145557453
