On Mon, 30 Aug 2021 14:59:05 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/X509Authentication.java line
>> 289:
>>
>>> 287: X509ExtendedKeyManager km = shc.sslContext.getX509KeyManager();
>>> 288: String serverAlias = null;
>>> 289: for (String keyType : keyTypes) {
>>
>> What do you think if we update the createServerPossession to call
>> chooseServerAlias only once? A similar problem could occur in server side,
>> I think. Keeping the behavior consistent between client and server may easy
>> the key manager development and customization.
>
> Do not fully understand. `chooseServerAlias` can only take one key type. How
> do I can it only once?
Never mind, I did not realized only one key type accepted. Hm, the for-loop is
a little bit weird to me now. Only one keyType should be initialized for
server. Anyway, not a big concern and you can leave is as is.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5257
