On Fri, 30 Jan 2026 19:39:00 GMT, Xue-Lei Andrew Fan <[email protected]> wrote:
>> Yes, good point, it is different, I've done similar research. I'll look >> closer into this, thanks! Some problems I can see with this approach though: >> >> - Such caching won't work with a 3rd party `X509ExtendedKeyManager` >> implementation. >> - `CertificateMessage` is not just a single certificate, it's the list of >> certificate entries plus certificate_request_context. Logically such cache >> doesn't belong to a KeyManager. > > Yes, a tricky case. Thank you @artur-oracle for considering this. Attached the cache to SSLContext instance. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/28682#discussion_r2761008794
