Specifying that a close_notify alert is sent when one is received
If the jdk.tls.acknowledgeCloseNotify
system property is set to
true
, when the client or server receives a close_notify alert, it sends a
corresponding close_notify alert and the connection is duplex-closed.
TLS 1.2 and earlier versions use a duplex-close policy. However, TLS 1.3 uses a half-close
policy, which means that the inbound and outbound close_notify alerts are independent. When
upgrading to TLS 1.3, unexpected behavior can occur if your application shuts down the TLS
connection by using only one of the SSLEngine.closeInbound()
or
SSLEngine.closeOutbound()
methods but not both on each side of the connection. If
your application unexpectedly hangs or times out when the underlying TLS transportation is not
duplex-closed, you might need to set this property to true
.