--- a/src/java.base/share/classes/sun/security/ssl/CertificateMessage.java Thu Dec 13 16:14:07 2018 +0100
+++ b/src/java.base/share/classes/sun/security/ssl/CertificateMessage.java Thu Dec 13 15:31:05 2018 +0100
@@ -440,7 +440,7 @@
// It is not necessary to check the certificate update if
// endpoint identification is enabled.
String identityAlg = chc.sslConfig.identificationProtocol;
- if ((identityAlg == null || identityAlg.length() == 0) &&
+ if ((identityAlg == null || identityAlg.isEmpty()) &&
!isIdentityEquivalent(x509Certs[0],
chc.reservedServerCerts[0])) {
chc.conContext.fatal(Alert.BAD_CERTIFICATE,