Show Navigation
Conversation
Notices
-
unclear why this would cause my repeated #Firefox issues with this site, but idk, it caught my eye.
➜ BoringSSL Rejects JSSE TLS 1.3 HTTPS Connections When status_request Extension Is Disabled
BoringSSL is an SSL library deployed on some popular websites such as those run by Google/YouTube. An interoperability issue with the BoringSSL library can lead to a connection failure if TLSv1.3 is presented as the only enabled protocol in the ClientHello message and the certificate status_request extension is disabled. Enabling the certificate status_request extension by setting the jdk.tls.client.enableStatusRequestExtension system property to true will provide mitigation in such scenarios.