--- a/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java	Tue Jul 10 08:20:13 2018 +0100
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java	Mon Jul 30 13:53:30 2018 -0400
@@ -132,6 +132,10 @@
     // Counter used to create unique nonces in NewSessionTicket
     private BigInteger ticketNonceCounter = BigInteger.ONE;
 
+    // The endpoint identification algorithm used to check certificates
+    // in this session.
+    private final String              identificationProtocol;
+
     /*
      * Create a new non-rejoinable session, using the default (null)
      * cipher spec.  This constructor returns a session which could
@@ -149,6 +153,7 @@
         this.requestedServerNames = Collections.<SNIServerName>emptyList();
         this.useExtendedMasterSecret = false;
         this.creationTime = System.currentTimeMillis();
+        this.identificationProtocol = null;
     }
 
     /*
@@ -198,6 +203,7 @@
                 (!hc.negotiatedProtocol.useTLS13PlusSpec());
         }
         this.creationTime = creationTime;
+        this.identificationProtocol = hc.sslConfig.identificationProtocol;
 
         if (SSLLogger.isOn && SSLLogger.isOn("session")) {
              SSLLogger.finest("Session initialized:  " + this);
@@ -259,6 +265,10 @@
         return ticketAgeAdd;
     }
 
+    String getIdentificationProtocol() {
+        return this.identificationProtocol;
+    }
+
     /*
      * Get the PSK identity. Take care not to use it in multiple connections.
      */