Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



Enable TLS on port 8443

    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true">

        <SSLHostConfig     <SSLHostConfig protocols="TLSv1.2" truststoreFile="conf/cacerts.jks">

                    <Certificate certificateKeystoreFile="conf/clientcert.jks"

                         certificateKeystorePassword                     certificateKeystorePassword="changeit"

                         type                     type="RSA" />



Note: Set protocols="TLSv1.2" to disable TLSv1.3 since the TCK requires post-handshake authentication and the Java 11 client does not support that.


Make the following changes:


A default 10.0.x build (as of 2020-06-1819) with the above configuration and the TCK built from source (as of 2020-06-1819) triggers 23 21 test failures

1 Expected failures


  • PR 338
    • Incorrect major version (1 failure),
    • Using LF rather an CRLF (15 failures)
    • Strange /j_security_check test (2 failures)Error page attributes assumed to be unset when spec requires them to be set (3 failures)
    • Missing annotation marker in Java 8 signature tests (1 failure)
    • Re-do Java 11 signature test based on Java 8
    • Fix regression in error page tests (1 failure)
    • Java 11 issues with HTTP/2 client