Chapter 3. OpenJDK features

The latest OpenJDK 17 release might include new features. Additionally, the latest release might enhance, deprecate, or remove features that originated from previous OpenJDK 17 releases.


For all the other changes and security fixes, see OpenJDK 17.0.3 Released.

3.1. OpenJDK enhancements

OpenJDK 17 provides enhancements to features originally created in previous releases of OpenJDK.

OCSP response verification with RSASSA-PSS

Before the OpenJDK 17.0.3 release, verification of the Online Certificate Status Protocol (OCSP) response by the RSASSA-PSS algorithm failed. This issue occurred because the HTTP GET helper method did not set extra parameters for an RSASSA-PSS signature.

The OpenJDK 17.0.3 resolves this issue, so that an OCSP response that is sent by the HTTP GET method can be verified by the RSASSA-PSS algorithm.

See, JDK-8179503 (JDK Bug System)

Alternative Data Streams (ADS) behavior on OpenJDK for Microsoft Windows

This OpenJDK 17 for Microsoft Windows release fixes an issue where some Java applications failed because would not open some files containing a colon (:) character. This issue occurred because the default value for was set to false.

This OpenJDK 17 for Microsoft Windows release sets the default value for the to true. By default, OpenJDK can now write to Alternative Data Streams and to special files in Microsoft Windows, such as the NUL: file.

You can disable OpenJDK’s capability to write to ADS by choosing one of the following options:

  • Pass the parameter to your OpenJDK deployment.
  • Set the JAVA_TOOL_OPTIONS environment variable to

Implementing one of these settings might cause issues with how your Java applications write data into files for your OpenJDK 17 for Microsoft Windows build.

See, JDK-8285445 (JDK Bug System)