From 142067e74d28ac769ccb06ccd00adc99a4b3eb45 Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Fri, 25 Mar 2022 10:08:41 -0700
Subject: [PATCH 1/7] Replace JavaVersion with Runtime.Version

Since Java 9, the JDK has provided a means of parsing Java versions and
getting the current Java version. That class obviates the need for the
JavaVersion class of Elasticsearch. This commit removes the JavaVersion
class in favor of Runtime.Version.

Note that most of the changes here simply removed logic around
versioning because this change is intended only for the master branch,
where Java 17 is required.
---
 .../java/org/elasticsearch/jdk/JarHell.java   |  21 +--
 .../org/elasticsearch/jdk/JavaVersion.java    | 122 -----------------
 .../org/elasticsearch/jdk/JarHellTests.java   |  33 ++---
 .../common/ssl/SslConfigurationLoader.java    |  49 +------
 .../ssl/SslConfigurationLoaderTests.java      |   9 --
 .../elasticsearch/painless/ArrayTests.java    |   7 +-
 .../reindex/ReindexRestClientSslTests.java    |  23 +---
 .../netty4/SimpleNetty4TransportTests.java    |   3 +-
 .../AzureDiscoveryClusterFormationTests.java  |  23 +---
 .../ingest/attachment/TikaImpl.java           |   9 --
 .../repositories/hdfs/HdfsTests.java          |   2 -
 .../nio/SimpleNioTransportTests.java          |   3 +-
 .../aggregations/bucket/DateHistogramIT.java  |  10 +-
 .../search/query/SearchQueryIT.java           |   2 -
 .../bootstrap/BootstrapChecks.java            |  58 --------
 .../indices/recovery/RecoverySettings.java    |  17 ---
 .../org/elasticsearch/plugins/PluginInfo.java |   2 +-
 .../bootstrap/JavaVersionTests.java           | 125 ------------------
 .../common/LocalTimeOffsetTests.java          |   8 +-
 .../index/mapper/DateFieldMapperTests.java    |   3 -
 .../recovery/RecoverySettingsTests.java       |  19 ---
 .../monitor/jvm/JvmInfoTests.java             |   5 +-
 .../plugins/IndexStorePluginTests.java        |  42 ++----
 .../junit/listeners/ReproduceInfoPrinter.java |   3 +-
 .../xpack/core/XPackSettings.java             |  33 +----
 .../xpack/core/XPackSettingsTests.java        |  11 --
 .../exporter/http/HttpExporterSslIT.java      |  27 +---
 .../ssl/SslClientAuthenticationTests.java     |  21 +--
 .../security/authc/saml/SamlRealmTests.java   |  25 +---
 .../transport/nio/SSLDriverTests.java         |  45 +------
 .../datetime/NamedDateTimeProcessorTests.java |  15 +--
 .../webhook/WebhookHttpsIntegrationTests.java |  26 +---
 .../watcher/common/http/HttpClientTests.java  |  35 +----
 33 files changed, 52 insertions(+), 784 deletions(-)
 delete mode 100644 libs/core/src/main/java/org/elasticsearch/jdk/JavaVersion.java
 delete mode 100644 server/src/test/java/org/elasticsearch/bootstrap/JavaVersionTests.java

diff --git a/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java b/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java
index f3eddbbfd5568..139561c189255 100644
--- a/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java
+++ b/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java
@@ -12,6 +12,7 @@
 import org.elasticsearch.core.SuppressForbidden;
 
 import java.io.IOException;
+import java.lang.Runtime.Version;
 import java.net.MalformedURLException;
 import java.net.URISyntaxException;
 import java.net.URL;
@@ -224,38 +225,24 @@ private static void checkManifest(Manifest manifest, Path jar) {
         // give a nice error if jar requires a newer java version
         String targetVersion = manifest.getMainAttributes().getValue("X-Compile-Target-JDK");
         if (targetVersion != null) {
-            checkVersionFormat(targetVersion);
             checkJavaVersion(jar.toString(), targetVersion);
         }
     }
 
-    public static void checkVersionFormat(String targetVersion) {
-        if (JavaVersion.isValid(targetVersion) == false) {
-            throw new IllegalStateException(
-                String.format(
-                    Locale.ROOT,
-                    "version string must be a sequence of nonnegative decimal integers separated by \".\"'s and may have "
-                        + "leading zeros but was %s",
-                    targetVersion
-                )
-            );
-        }
-    }
-
     /**
      * Checks that the java specification version {@code targetVersion}
      * required by {@code resource} is compatible with the current installation.
      */
     public static void checkJavaVersion(String resource, String targetVersion) {
-        JavaVersion version = JavaVersion.parse(targetVersion);
-        if (JavaVersion.current().compareTo(version) < 0) {
+        Version version = Version.parse(targetVersion);
+        if (Runtime.version().compareTo(version) < 0) {
             throw new IllegalStateException(
                 String.format(
                     Locale.ROOT,
                     "%s requires Java %s:, your system: %s",
                     resource,
                     targetVersion,
-                    JavaVersion.current().toString()
+                    Runtime.version().toString()
                 )
             );
         }
diff --git a/libs/core/src/main/java/org/elasticsearch/jdk/JavaVersion.java b/libs/core/src/main/java/org/elasticsearch/jdk/JavaVersion.java
deleted file mode 100644
index 6c0de1c320dbc..0000000000000
--- a/libs/core/src/main/java/org/elasticsearch/jdk/JavaVersion.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0 and the Server Side Public License, v 1; you may not use this file except
- * in compliance with, at your election, the Elastic License 2.0 or the Server
- * Side Public License, v 1.
- */
-
-package org.elasticsearch.jdk;
-
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.Objects;
-import java.util.stream.Collectors;
-
-public class JavaVersion implements Comparable<JavaVersion> {
-
-    private final List<Integer> version;
-    private final String prePart;
-
-    public List<Integer> getVersion() {
-        return version;
-    }
-
-    private JavaVersion(List<Integer> version, String prePart) {
-        this.prePart = prePart;
-        if (version.size() >= 2 && version.get(0) == 1 && version.get(1) == 8) {
-            // for Java 8 there is ambiguity since both 1.8 and 8 are supported,
-            // so we rewrite the former to the latter
-            version = new ArrayList<>(version.subList(1, version.size()));
-        }
-        this.version = Collections.unmodifiableList(version);
-    }
-
-    /**
-     * Parses the Java version as it can be retrieved as the value of java.version or
-     * java.specification.version according to JEP 223.
-     *
-     * @param value The version String
-     */
-    public static JavaVersion parse(String value) {
-        Objects.requireNonNull(value);
-        String prePart = null;
-        if (isValid(value) == false) {
-            throw new IllegalArgumentException("Java version string [" + value + "] could not be parsed.");
-        }
-        List<Integer> version = new ArrayList<>();
-        String[] parts = value.split("-");
-        String[] numericComponents;
-        if (parts.length == 1) {
-            numericComponents = value.split("\\.");
-        } else if (parts.length == 2) {
-            numericComponents = parts[0].split("\\.");
-            prePart = parts[1];
-        } else {
-            throw new IllegalArgumentException("Java version string [" + value + "] could not be parsed.");
-        }
-
-        for (String component : numericComponents) {
-            version.add(Integer.valueOf(component));
-        }
-        return new JavaVersion(version, prePart);
-    }
-
-    public static boolean isValid(String value) {
-        return value.matches("^0*[0-9]+(\\.[0-9]+)*(-[a-zA-Z0-9]+)?$");
-    }
-
-    private static final JavaVersion CURRENT = parse(System.getProperty("java.specification.version"));
-
-    public static JavaVersion current() {
-        return CURRENT;
-    }
-
-    @Override
-    public int compareTo(JavaVersion o) {
-        int len = Math.max(version.size(), o.version.size());
-        for (int i = 0; i < len; i++) {
-            int d = (i < version.size() ? version.get(i) : 0);
-            int s = (i < o.version.size() ? o.version.get(i) : 0);
-            if (s < d) return 1;
-            if (s > d) return -1;
-        }
-        if (prePart != null && o.prePart == null) {
-            return -1;
-        } else if (prePart == null && o.prePart != null) {
-            return 1;
-        } else if (prePart != null && o.prePart != null) {
-            return comparePrePart(prePart, o.prePart);
-        }
-        return 0;
-    }
-
-    private int comparePrePart(String leftPrePart, String rightPrePart) {
-        if (leftPrePart.matches("\\d+")) {
-            return rightPrePart.matches("\\d+") ? (new BigInteger(leftPrePart)).compareTo(new BigInteger(rightPrePart)) : -1;
-        } else {
-            return rightPrePart.matches("\\d+") ? 1 : leftPrePart.compareTo(rightPrePart);
-        }
-    }
-
-    @Override
-    public boolean equals(Object o) {
-        if (o == null || o.getClass() != getClass()) {
-            return false;
-        }
-        return compareTo((JavaVersion) o) == 0;
-    }
-
-    @Override
-    public int hashCode() {
-        return version.hashCode();
-    }
-
-    @Override
-    public String toString() {
-        final String versionString = version.stream().map(v -> Integer.toString(v)).collect(Collectors.joining("."));
-        return prePart != null ? versionString + "-" + prePart : versionString;
-    }
-}
diff --git a/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java b/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java
index db82ded6fb6cc..7d4e47a3e052d 100644
--- a/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java
+++ b/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java
@@ -13,6 +13,7 @@
 import org.elasticsearch.test.ESTestCase;
 
 import java.io.IOException;
+import java.lang.Runtime.Version;
 import java.net.URL;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -27,6 +28,8 @@
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
 
+import static org.hamcrest.Matchers.containsString;
+
 public class JarHellTests extends ESTestCase {
 
     URL makeJar(Path dir, String name, Manifest manifest, String... files) throws IOException {
@@ -132,25 +135,21 @@ public void testXmlBeansLeniency() throws Exception {
 
     public void testRequiredJDKVersionTooOld() throws Exception {
         Path dir = createTempDir();
-        List<Integer> current = JavaVersion.current().getVersion();
+        List<Integer> current = Runtime.version().version();
         List<Integer> target = new ArrayList<>(current.size());
         for (int i = 0; i < current.size(); i++) {
             target.add(current.get(i) + 1);
         }
-        JavaVersion targetVersion = JavaVersion.parse(Strings.collectionToDelimitedString(target, "."));
+        Version targetVersion = Version.parse(Strings.collectionToDelimitedString(target, "."));
 
         Manifest manifest = new Manifest();
         Attributes attributes = manifest.getMainAttributes();
         attributes.put(Attributes.Name.MANIFEST_VERSION, "1.0.0");
         attributes.put(new Attributes.Name("X-Compile-Target-JDK"), targetVersion.toString());
         Set<URL> jars = Collections.singleton(makeJar(dir, "foo.jar", manifest, "Foo.class"));
-        try {
-            JarHell.checkJarHell(jars, logger::debug);
-            fail("did not get expected exception");
-        } catch (IllegalStateException e) {
-            assertTrue(e.getMessage().contains("requires Java " + targetVersion.toString()));
-            assertTrue(e.getMessage().contains("your system: " + JavaVersion.current().toString()));
-        }
+        var e = expectThrows(IllegalStateException.class, () -> JarHell.checkJarHell(jars, logger::debug));
+        assertThat(e.getMessage(), containsString("requires Java " + targetVersion));
+        assertThat(e.getMessage(), containsString("your system: " + Runtime.version().toString()));
     }
 
     public void testBadJDKVersionInJar() throws Exception {
@@ -184,24 +183,10 @@ public void testRequiredJDKVersionIsOK() throws Exception {
         JarHell.checkJarHell(jars, logger::debug);
     }
 
-    public void testValidVersions() {
-        String[] versions = new String[] { "1.7", "1.7.0", "0.1.7", "1.7.0.80" };
-        for (String version : versions) {
-            try {
-                JarHell.checkVersionFormat(version);
-            } catch (IllegalStateException e) {
-                fail(version + " should be accepted as a valid version format");
-            }
-        }
-    }
-
     public void testInvalidVersions() {
         String[] versions = new String[] { "", "1.7.0_80", "1.7." };
         for (String version : versions) {
-            try {
-                JarHell.checkVersionFormat(version);
-                fail("\"" + version + "\"" + " should be rejected as an invalid version format");
-            } catch (IllegalStateException e) {}
+            expectThrows(IllegalArgumentException.class, () -> JarHell.checkJavaVersion("foo", version));
         }
     }
 
diff --git a/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java b/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java
index 0bed81106c67b..2659a7c55cfc7 100644
--- a/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java
+++ b/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java
@@ -8,8 +8,6 @@
 
 package org.elasticsearch.common.ssl;
 
-import org.elasticsearch.jdk.JavaVersion;
-
 import java.nio.file.Path;
 import java.security.KeyStore;
 import java.util.Arrays;
@@ -18,7 +16,6 @@
 import java.util.Objects;
 import java.util.function.Function;
 import java.util.stream.Collectors;
-
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.TrustManagerFactory;
 
@@ -66,48 +63,6 @@ public abstract class SslConfigurationLoader {
             : Arrays.asList("TLSv1.2", "TLSv1.1")
     );
 
-    private static final List<String> JDK11_CIPHERS = List.of(
-        // TLSv1.3 cipher has PFS, AEAD, hardware support
-        "TLS_AES_256_GCM_SHA384",
-        "TLS_AES_128_GCM_SHA256",
-
-        // PFS, AEAD, hardware support
-        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-
-        // PFS, AEAD, hardware support
-        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-
-        // PFS, hardware support
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-
-        // PFS, hardware support
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-
-        // PFS, hardware support
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-
-        // PFS, hardware support
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-
-        // AEAD, hardware support
-        "TLS_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_RSA_WITH_AES_128_GCM_SHA256",
-
-        // hardware support
-        "TLS_RSA_WITH_AES_256_CBC_SHA256",
-        "TLS_RSA_WITH_AES_128_CBC_SHA256",
-
-        // hardware support
-        "TLS_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_RSA_WITH_AES_128_CBC_SHA"
-    );
-
     private static final List<String> JDK12_CIPHERS = List.of(
         // TLSv1.3 cipher has PFS, AEAD, hardware support
         "TLS_AES_256_GCM_SHA384",
@@ -157,9 +112,7 @@ public abstract class SslConfigurationLoader {
         "TLS_RSA_WITH_AES_128_CBC_SHA"
     );
 
-    static final List<String> DEFAULT_CIPHERS = JavaVersion.current().compareTo(JavaVersion.parse("12")) > -1
-        ? JDK12_CIPHERS
-        : JDK11_CIPHERS;
+    static final List<String> DEFAULT_CIPHERS = JDK12_CIPHERS;
     private static final char[] EMPTY_PASSWORD = new char[0];
 
     private final String settingPrefix;
diff --git a/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java b/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java
index 5c2f24acd42ba..173a19371d0e9 100644
--- a/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java
+++ b/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java
@@ -11,7 +11,6 @@
 import org.elasticsearch.common.settings.MockSecureSettings;
 import org.elasticsearch.common.settings.SecureString;
 import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.ESTestCase;
 
 import java.nio.file.Path;
@@ -223,16 +222,8 @@ public void testLoadKeysFromJKS() {
     }
 
     public void testChaCha20InCiphersOnJdk12Plus() {
-        assumeTrue("Test is only valid on JDK 12+ JVM", JavaVersion.current().compareTo(JavaVersion.parse("12")) > -1);
         assertThat(SslConfigurationLoader.DEFAULT_CIPHERS, hasItem("TLS_CHACHA20_POLY1305_SHA256"));
         assertThat(SslConfigurationLoader.DEFAULT_CIPHERS, hasItem("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"));
         assertThat(SslConfigurationLoader.DEFAULT_CIPHERS, hasItem("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"));
     }
-
-    public void testChaCha20NotInCiphersOnPreJdk12() {
-        assumeTrue("Test is only valid on pre JDK 12 JVM", JavaVersion.current().compareTo(JavaVersion.parse("12")) < 0);
-        assertThat(SslConfigurationLoader.DEFAULT_CIPHERS, not(hasItem("TLS_CHACHA20_POLY1305_SHA256")));
-        assertThat(SslConfigurationLoader.DEFAULT_CIPHERS, not(hasItem("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256")));
-        assertThat(SslConfigurationLoader.DEFAULT_CIPHERS, not(hasItem("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256")));
-    }
 }
diff --git a/modules/lang-painless/src/test/java/org/elasticsearch/painless/ArrayTests.java b/modules/lang-painless/src/test/java/org/elasticsearch/painless/ArrayTests.java
index 004a0f0bd99b3..4a93a4dc68669 100644
--- a/modules/lang-painless/src/test/java/org/elasticsearch/painless/ArrayTests.java
+++ b/modules/lang-painless/src/test/java/org/elasticsearch/painless/ArrayTests.java
@@ -9,7 +9,6 @@
 package org.elasticsearch.painless;
 
 import org.apache.lucene.util.Constants;
-import org.elasticsearch.jdk.JavaVersion;
 import org.hamcrest.Matcher;
 
 import java.lang.invoke.MethodHandle;
@@ -31,11 +30,7 @@ protected String valueCtorCall(String valueType, int size) {
 
     @Override
     protected Matcher<String> outOfBoundsExceptionMessageMatcher(int index, int size) {
-        if (JavaVersion.current().compareTo(JavaVersion.parse("11")) < 0) {
-            return equalTo(Integer.toString(index));
-        } else {
-            return equalTo("Index " + Integer.toString(index) + " out of bounds for length " + Integer.toString(size));
-        }
+        return equalTo("Index " + Integer.toString(index) + " out of bounds for length " + Integer.toString(size));
     }
 
     public void testArrayLengthHelper() throws Throwable {
diff --git a/modules/reindex/src/test/java/org/elasticsearch/reindex/ReindexRestClientSslTests.java b/modules/reindex/src/test/java/org/elasticsearch/reindex/ReindexRestClientSslTests.java
index ab41e16f12beb..dc25fa2d2830f 100644
--- a/modules/reindex/src/test/java/org/elasticsearch/reindex/ReindexRestClientSslTests.java
+++ b/modules/reindex/src/test/java/org/elasticsearch/reindex/ReindexRestClientSslTests.java
@@ -26,7 +26,6 @@
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.env.TestEnvironment;
 import org.elasticsearch.index.reindex.RemoteInfo;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.mocksocket.MockHttpServer;
 import org.elasticsearch.test.ESTestCase;
 import org.elasticsearch.watcher.ResourceWatcherService;
@@ -95,7 +94,7 @@ public static void shutdownHttpServer() {
     }
 
     private static SSLContext buildServerSslContext() throws Exception {
-        final SSLContext sslContext = SSLContext.getInstance(isHttpsServerBrokenWithTLSv13() ? "TLSv1.2" : "TLS");
+        final SSLContext sslContext = SSLContext.getInstance("TLS");
         final char[] password = "http-password".toCharArray();
 
         final Path cert = PathUtils.get(ReindexRestClientSslTests.class.getResource("http/http.crt").toURI());
@@ -116,9 +115,6 @@ public void testClientFailsWithUntrustedCertificate() throws IOException {
         assumeFalse("https://github.com/elastic/elasticsearch/issues/49094", inFipsJvm());
         final List<Thread> threads = new ArrayList<>();
         final Settings.Builder builder = Settings.builder().put("path.home", createTempDir());
-        if (isHttpsServerBrokenWithTLSv13()) {
-            builder.put("reindex.ssl.supported_protocols", "TLSv1.2");
-        }
         final Settings settings = builder.build();
         final Environment environment = TestEnvironment.newEnvironment(settings);
         final ReindexSslConfig ssl = new ReindexSslConfig(settings, environment, mock(ResourceWatcherService.class));
@@ -133,9 +129,6 @@ public void testClientSucceedsWithCertificateAuthorities() throws IOException {
         final Settings.Builder builder = Settings.builder()
             .put("path.home", createTempDir())
             .putList("reindex.ssl.certificate_authorities", ca.toString());
-        if (isHttpsServerBrokenWithTLSv13()) {
-            builder.put("reindex.ssl.supported_protocols", "TLSv1.2");
-        }
         final Settings settings = builder.build();
         final Environment environment = TestEnvironment.newEnvironment(settings);
         final ReindexSslConfig ssl = new ReindexSslConfig(settings, environment, mock(ResourceWatcherService.class));
@@ -149,9 +142,6 @@ public void testClientSucceedsWithVerificationDisabled() throws IOException {
         assumeFalse("Cannot disable verification in FIPS JVM", inFipsJvm());
         final List<Thread> threads = new ArrayList<>();
         final Settings.Builder builder = Settings.builder().put("path.home", createTempDir()).put("reindex.ssl.verification_mode", "NONE");
-        if (isHttpsServerBrokenWithTLSv13()) {
-            builder.put("reindex.ssl.supported_protocols", "TLSv1.2");
-        }
         final Settings settings = builder.build();
         final Environment environment = TestEnvironment.newEnvironment(settings);
         final ReindexSslConfig ssl = new ReindexSslConfig(settings, environment, mock(ResourceWatcherService.class));
@@ -172,9 +162,6 @@ public void testClientPassesClientCertificate() throws IOException {
             .put("reindex.ssl.certificate", cert)
             .put("reindex.ssl.key", key)
             .put("reindex.ssl.key_passphrase", "client-password");
-        if (isHttpsServerBrokenWithTLSv13()) {
-            builder.put("reindex.ssl.supported_protocols", "TLSv1.2");
-        }
         final Settings settings = builder.build();
         AtomicReference<Certificate[]> clientCertificates = new AtomicReference<>();
         handler = https -> {
@@ -226,12 +213,4 @@ public void configure(HttpsParameters params) {
             params.setWantClientAuth(true);
         }
     }
-
-    /**
-     * Checks whether the JVM this test is run under is affected by JDK-8254967, which causes these
-     * tests to fail if a TLSv1.3 SSLContext is used.
-     */
-    private static boolean isHttpsServerBrokenWithTLSv13() {
-        return JavaVersion.current().compareTo(JavaVersion.parse("16.0.0")) < 0;
-    }
 }
diff --git a/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java b/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java
index 23ab2f54543bd..a5dd80b58fed8 100644
--- a/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java
+++ b/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java
@@ -20,7 +20,6 @@
 import org.elasticsearch.core.internal.io.IOUtils;
 import org.elasticsearch.core.internal.net.NetUtils;
 import org.elasticsearch.indices.breaker.NoneCircuitBreakerService;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.transport.MockTransportService;
 import org.elasticsearch.test.transport.StubbableTransport;
 import org.elasticsearch.transport.AbstractSimpleTransportTestCase;
@@ -98,7 +97,7 @@ public void testConnectException() throws UnknownHostException {
     public void testDefaultKeepAliveSettings() throws IOException {
         assumeTrue(
             "setting default keepalive options not supported on this platform",
-            (IOUtils.LINUX || IOUtils.MAC_OS_X) && JavaVersion.current().compareTo(JavaVersion.parse("11")) >= 0
+            (IOUtils.LINUX || IOUtils.MAC_OS_X)
         );
         try (
             MockTransportService serviceC = buildService("TS_C", Version.CURRENT, Settings.EMPTY);
diff --git a/plugins/discovery-azure-classic/src/internalClusterTest/java/org/elasticsearch/discovery/azure/classic/AzureDiscoveryClusterFormationTests.java b/plugins/discovery-azure-classic/src/internalClusterTest/java/org/elasticsearch/discovery/azure/classic/AzureDiscoveryClusterFormationTests.java
index 2588b6f06bf1e..1b72da1313003 100644
--- a/plugins/discovery-azure-classic/src/internalClusterTest/java/org/elasticsearch/discovery/azure/classic/AzureDiscoveryClusterFormationTests.java
+++ b/plugins/discovery-azure-classic/src/internalClusterTest/java/org/elasticsearch/discovery/azure/classic/AzureDiscoveryClusterFormationTests.java
@@ -22,7 +22,6 @@
 import org.elasticsearch.core.SuppressForbidden;
 import org.elasticsearch.discovery.DiscoveryModule;
 import org.elasticsearch.env.Environment;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.mocksocket.MockHttpServer;
 import org.elasticsearch.node.Node;
 import org.elasticsearch.plugin.discovery.azure.classic.AzureDiscoveryPlugin;
@@ -43,9 +42,7 @@
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.AccessController;
 import java.security.KeyStore;
-import java.security.PrivilegedAction;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
@@ -258,29 +255,11 @@ private static SSLContext getSSLContext() throws Exception {
         kmf.init(ks, passphrase);
         TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
         tmf.init(ks);
-        SSLContext ssl = SSLContext.getInstance(getProtocol());
+        SSLContext ssl = SSLContext.getInstance("TLS");
         ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
         return ssl;
     }
 
-    /**
-     * The {@link HttpsServer} in the JDK has issues with TLSv1.3 when running in a JDK prior to
-     * 12.0.1 so we pin to TLSv1.2 when running on an earlier JDK
-     */
-    private static String getProtocol() {
-        if (JavaVersion.current().compareTo(JavaVersion.parse("12")) < 0) {
-            return "TLSv1.2";
-        } else {
-            JavaVersion full = AccessController.doPrivileged(
-                (PrivilegedAction<JavaVersion>) () -> JavaVersion.parse(System.getProperty("java.version"))
-            );
-            if (full.compareTo(JavaVersion.parse("12.0.1")) < 0) {
-                return "TLSv1.2";
-            }
-        }
-        return "TLS";
-    }
-
     @AfterClass
     public static void stopHttpd() throws IOException {
         try {
diff --git a/plugins/ingest-attachment/src/main/java/org/elasticsearch/ingest/attachment/TikaImpl.java b/plugins/ingest-attachment/src/main/java/org/elasticsearch/ingest/attachment/TikaImpl.java
index 4fe5e568d12a8..a9530cf8c5b62 100644
--- a/plugins/ingest-attachment/src/main/java/org/elasticsearch/ingest/attachment/TikaImpl.java
+++ b/plugins/ingest-attachment/src/main/java/org/elasticsearch/ingest/attachment/TikaImpl.java
@@ -20,7 +20,6 @@
 import org.elasticsearch.core.PathUtils;
 import org.elasticsearch.core.SuppressForbidden;
 import org.elasticsearch.jdk.JarHell;
-import org.elasticsearch.jdk.JavaVersion;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
@@ -157,14 +156,6 @@ static PermissionCollection getRestrictedPermissions() {
         perms.add(new RuntimePermission("accessClassInPackage.sun.java2d.cmm.kcms"));
         // xmlbeans, use by POI, needs to get the context classloader
         perms.add(new RuntimePermission("getClassLoader"));
-        // ZipFile needs accessDeclaredMembers on JDK 10; cf. https://bugs.openjdk.java.net/browse/JDK-8187485
-        if (JavaVersion.current().compareTo(JavaVersion.parse("10")) >= 0) {
-            if (JavaVersion.current().compareTo(JavaVersion.parse("11")) < 0) {
-                // TODO remove this and from plugin-security.policy when JDK 11 is the only one we support
-                // this is needed pre 11, but it's fixed in 11 : https://bugs.openjdk.java.net/browse/JDK-8187485
-                perms.add(new RuntimePermission("accessDeclaredMembers"));
-            }
-        }
         perms.setReadOnly();
         return perms;
     }
diff --git a/plugins/repository-hdfs/src/test/java/org/elasticsearch/repositories/hdfs/HdfsTests.java b/plugins/repository-hdfs/src/test/java/org/elasticsearch/repositories/hdfs/HdfsTests.java
index 7b557ecaa45c6..f85ae51d5417d 100644
--- a/plugins/repository-hdfs/src/test/java/org/elasticsearch/repositories/hdfs/HdfsTests.java
+++ b/plugins/repository-hdfs/src/test/java/org/elasticsearch/repositories/hdfs/HdfsTests.java
@@ -15,7 +15,6 @@
 import org.elasticsearch.client.internal.Client;
 import org.elasticsearch.cluster.ClusterState;
 import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.repositories.RepositoriesService;
 import org.elasticsearch.repositories.RepositoryException;
@@ -38,7 +37,6 @@ protected Collection<Class<? extends Plugin>> getPlugins() {
     }
 
     public void testSimpleWorkflow() {
-        assumeFalse("https://github.com/elastic/elasticsearch/issues/31498", JavaVersion.current().equals(JavaVersion.parse("11")));
         Client client = client();
 
         AcknowledgedResponse putRepositoryResponse = client.admin()
diff --git a/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java b/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java
index 6c15e36f5047d..ac3b90a3913e7 100644
--- a/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java
+++ b/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java
@@ -20,7 +20,6 @@
 import org.elasticsearch.core.internal.io.IOUtils;
 import org.elasticsearch.core.internal.net.NetUtils;
 import org.elasticsearch.indices.breaker.NoneCircuitBreakerService;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.transport.MockTransportService;
 import org.elasticsearch.test.transport.StubbableTransport;
 import org.elasticsearch.transport.AbstractSimpleTransportTestCase;
@@ -101,7 +100,7 @@ public void testConnectException() throws UnknownHostException {
     public void testDefaultKeepAliveSettings() throws IOException {
         assumeTrue(
             "setting default keepalive options not supported on this platform",
-            (IOUtils.LINUX || IOUtils.MAC_OS_X) && JavaVersion.current().compareTo(JavaVersion.parse("11")) >= 0
+            (IOUtils.LINUX || IOUtils.MAC_OS_X)
         );
         try (
             MockTransportService serviceC = buildService("TS_C", Version.CURRENT, Settings.EMPTY);
diff --git a/server/src/internalClusterTest/java/org/elasticsearch/search/aggregations/bucket/DateHistogramIT.java b/server/src/internalClusterTest/java/org/elasticsearch/search/aggregations/bucket/DateHistogramIT.java
index 145f2c18ed666..9e12cd129bdb2 100644
--- a/server/src/internalClusterTest/java/org/elasticsearch/search/aggregations/bucket/DateHistogramIT.java
+++ b/server/src/internalClusterTest/java/org/elasticsearch/search/aggregations/bucket/DateHistogramIT.java
@@ -19,7 +19,6 @@
 import org.elasticsearch.index.mapper.DateFieldMapper;
 import org.elasticsearch.index.query.MatchNoneQueryBuilder;
 import org.elasticsearch.index.query.QueryBuilders;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.script.Script;
 import org.elasticsearch.script.ScriptType;
@@ -356,9 +355,6 @@ public void testSingleValued_timeZone_epoch() throws Exception {
             ZonedDateTime expectedKey = keyIterator.next();
             String bucketKey = bucket.getKeyAsString();
             String expectedBucketName = Long.toString(expectedKey.toInstant().toEpochMilli() / millisDivider);
-            if (JavaVersion.current().getVersion().get(0) == 8 && bucket.getKeyAsString().endsWith(".0")) {
-                expectedBucketName = expectedBucketName + ".0";
-            }
             assertThat(bucketKey, equalTo(expectedBucketName));
             assertThat(((ZonedDateTime) bucket.getKey()), equalTo(expectedKey));
             assertThat(bucket.getDocCount(), equalTo(1L));
@@ -1462,11 +1458,7 @@ public void testRewriteTimeZone_EpochMillisFormat() throws InterruptedException,
         assertSearchResponse(response);
         Histogram histo = response.getAggregations().get("histo");
         assertThat(histo.getBuckets().size(), equalTo(1));
-        if (JavaVersion.current().getVersion().get(0) == 8 && histo.getBuckets().get(0).getKeyAsString().endsWith(".0")) {
-            assertThat(histo.getBuckets().get(0).getKeyAsString(), equalTo("1477954800000.0"));
-        } else {
-            assertThat(histo.getBuckets().get(0).getKeyAsString(), equalTo("1477954800000"));
-        }
+        assertThat(histo.getBuckets().get(0).getKeyAsString(), equalTo("1477954800000"));
         assertThat(histo.getBuckets().get(0).getDocCount(), equalTo(1L));
 
         response = client().prepareSearch(index)
diff --git a/server/src/internalClusterTest/java/org/elasticsearch/search/query/SearchQueryIT.java b/server/src/internalClusterTest/java/org/elasticsearch/search/query/SearchQueryIT.java
index 27ab3d18bdde1..14aad52d17d84 100644
--- a/server/src/internalClusterTest/java/org/elasticsearch/search/query/SearchQueryIT.java
+++ b/server/src/internalClusterTest/java/org/elasticsearch/search/query/SearchQueryIT.java
@@ -44,7 +44,6 @@
 import org.elasticsearch.indices.IndicesService;
 import org.elasticsearch.indices.TermsLookup;
 import org.elasticsearch.indices.analysis.AnalysisModule.AnalysisProvider;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.plugins.AnalysisPlugin;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.rest.RestStatus;
@@ -1764,7 +1763,6 @@ public void testRangeQueryWithTimeZone() throws Exception {
      * on "Configuring IDEs And Running Tests".
      */
     public void testRangeQueryWithLocaleMapping() throws Exception {
-        assumeTrue("need java 9 for testing ", JavaVersion.current().compareTo(JavaVersion.parse("9")) >= 0);
         assert ("SPI,COMPAT".equals(System.getProperty("java.locale.providers"))) : "`-Djava.locale.providers=SPI,COMPAT` needs to be set";
 
         assertAcked(
diff --git a/server/src/main/java/org/elasticsearch/bootstrap/BootstrapChecks.java b/server/src/main/java/org/elasticsearch/bootstrap/BootstrapChecks.java
index 27f16b6a46f74..b6391fbd7f931 100644
--- a/server/src/main/java/org/elasticsearch/bootstrap/BootstrapChecks.java
+++ b/server/src/main/java/org/elasticsearch/bootstrap/BootstrapChecks.java
@@ -20,7 +20,6 @@
 import org.elasticsearch.core.SuppressForbidden;
 import org.elasticsearch.discovery.DiscoveryModule;
 import org.elasticsearch.index.IndexModule;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.monitor.jvm.JvmInfo;
 import org.elasticsearch.monitor.process.ProcessProbe;
 import org.elasticsearch.node.NodeValidationException;
@@ -36,8 +35,6 @@
 import java.util.List;
 import java.util.Locale;
 import java.util.function.Predicate;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -207,7 +204,6 @@ static List<BootstrapCheck> checks() {
         checks.add(new OnErrorCheck());
         checks.add(new OnOutOfMemoryErrorCheck());
         checks.add(new EarlyAccessCheck());
-        checks.add(new G1GCCheck());
         checks.add(new AllPermissionCheck());
         checks.add(new DiscoveryConfiguredCheck());
         return Collections.unmodifiableList(checks);
@@ -663,60 +659,6 @@ String javaVersion() {
 
     }
 
-    /**
-     * Bootstrap check for versions of HotSpot that are known to have issues that can lead to index corruption when G1GC is enabled.
-     */
-    static class G1GCCheck implements BootstrapCheck {
-
-        @Override
-        public BootstrapCheckResult check(BootstrapContext context) {
-            if ("Oracle Corporation".equals(jvmVendor()) && isJava8() && isG1GCEnabled()) {
-                final String jvmVersion = jvmVersion();
-                // HotSpot versions on Java 8 match this regular expression; note that this changes with Java 9 after JEP-223
-                final Pattern pattern = Pattern.compile("(\\d+)\\.(\\d+)-b\\d+");
-                final Matcher matcher = pattern.matcher(jvmVersion);
-                final boolean matches = matcher.matches();
-                assert matches : jvmVersion;
-                final int major = Integer.parseInt(matcher.group(1));
-                final int update = Integer.parseInt(matcher.group(2));
-                // HotSpot versions for Java 8 have major version 25, the bad versions are all versions prior to update 40
-                if (major == 25 && update < 40) {
-                    final String message = String.format(
-                        Locale.ROOT,
-                        "JVM version [%s] can cause data corruption when used with G1GC; upgrade to at least Java 8u40",
-                        jvmVersion
-                    );
-                    return BootstrapCheckResult.failure(message);
-                }
-            }
-            return BootstrapCheckResult.success();
-        }
-
-        // visible for testing
-        String jvmVendor() {
-            return Constants.JVM_VENDOR;
-        }
-
-        // visible for testing
-        boolean isG1GCEnabled() {
-            assert "Oracle Corporation".equals(jvmVendor());
-            return JvmInfo.jvmInfo().useG1GC().equals("true");
-        }
-
-        // visible for testing
-        String jvmVersion() {
-            assert "Oracle Corporation".equals(jvmVendor());
-            return Constants.JVM_VERSION;
-        }
-
-        // visible for testing
-        boolean isJava8() {
-            assert "Oracle Corporation".equals(jvmVendor());
-            return JavaVersion.current().equals(JavaVersion.parse("1.8"));
-        }
-
-    }
-
     static class AllPermissionCheck implements BootstrapCheck {
 
         @Override
diff --git a/server/src/main/java/org/elasticsearch/indices/recovery/RecoverySettings.java b/server/src/main/java/org/elasticsearch/indices/recovery/RecoverySettings.java
index 122c3fc4df2e5..c3e4097141669 100644
--- a/server/src/main/java/org/elasticsearch/indices/recovery/RecoverySettings.java
+++ b/server/src/main/java/org/elasticsearch/indices/recovery/RecoverySettings.java
@@ -27,7 +27,6 @@
 import org.elasticsearch.core.Releasable;
 import org.elasticsearch.core.Releasables;
 import org.elasticsearch.core.TimeValue;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.monitor.os.OsProbe;
 import org.elasticsearch.node.NodeRoleSettings;
 
@@ -58,17 +57,6 @@ public class RecoverySettings {
         Property.NodeScope
     );
 
-    /**
-     * Undocumented setting, used to override the current JVM version in tests
-     **/
-    // package private for tests
-    static final Setting<JavaVersion> JAVA_VERSION_OVERRIDING_TEST_SETTING = new Setting<>(
-        "recovery_settings.java_version_override",
-        settings -> JavaVersion.current().toString(),
-        JavaVersion::parse,
-        Property.NodeScope
-    );
-
     /**
      * Disk's write bandwidth allocated for this node. This bandwidth is expressed for write operations that have the default block size of
      * {@link #DEFAULT_CHUNK_SIZE}.
@@ -224,11 +212,6 @@ private static Setting<Double> factorSetting(String key, Setting<Double> operato
              * an assumption here that the size of the instance is correlated with I/O resources. That is we are assuming that the
              * larger the instance, the more disk and networking capacity it has available.
              */
-            final JavaVersion javaVersion = JAVA_VERSION_OVERRIDING_TEST_SETTING.get(s);
-            if (javaVersion.compareTo(JavaVersion.parse("14")) < 0) {
-                // prior to JDK 14, the JDK did not take into consideration container memory limits when reporting total system memory
-                return DEFAULT_MAX_BYTES_PER_SEC.getStringRep();
-            }
             final ByteSizeValue totalPhysicalMemory = TOTAL_PHYSICAL_MEMORY_OVERRIDING_TEST_SETTING.get(s);
             final ByteSizeValue maxBytesPerSec;
             if (totalPhysicalMemory.compareTo(new ByteSizeValue(4, ByteSizeUnit.GB)) <= 0) {
diff --git a/server/src/main/java/org/elasticsearch/plugins/PluginInfo.java b/server/src/main/java/org/elasticsearch/plugins/PluginInfo.java
index de73e968a7af9..9d851c4141f8a 100644
--- a/server/src/main/java/org/elasticsearch/plugins/PluginInfo.java
+++ b/server/src/main/java/org/elasticsearch/plugins/PluginInfo.java
@@ -181,7 +181,7 @@ public static PluginInfo readFromProperties(final Path path) throws IOException
         if (javaVersionString == null) {
             throw new IllegalArgumentException("property [java.version] is missing for plugin [" + name + "]");
         }
-        JarHell.checkVersionFormat(javaVersionString);
+        JarHell.checkJavaVersion("plugin " + name, javaVersionString);
 
         final String extendedString = propsMap.remove("extended.plugins");
         final List<String> extendedPlugins;
diff --git a/server/src/test/java/org/elasticsearch/bootstrap/JavaVersionTests.java b/server/src/test/java/org/elasticsearch/bootstrap/JavaVersionTests.java
deleted file mode 100644
index c5279b0747555..0000000000000
--- a/server/src/test/java/org/elasticsearch/bootstrap/JavaVersionTests.java
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0 and the Server Side Public License, v 1; you may not use this file except
- * in compliance with, at your election, the Elastic License 2.0 or the Server
- * Side Public License, v 1.
- */
-
-package org.elasticsearch.bootstrap;
-
-import org.elasticsearch.jdk.JavaVersion;
-import org.elasticsearch.test.ESTestCase;
-
-import java.util.List;
-
-import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.CoreMatchers.is;
-
-public class JavaVersionTests extends ESTestCase {
-    public void testParse() {
-        JavaVersion javaVersion = JavaVersion.parse("1.7.0");
-        List<Integer> version = javaVersion.getVersion();
-        assertThat(version.size(), is(3));
-        assertThat(version.get(0), is(1));
-        assertThat(version.get(1), is(7));
-        assertThat(version.get(2), is(0));
-
-        JavaVersion javaVersionEarlyAccess = JavaVersion.parse("14.0.1-ea");
-        List<Integer> version14 = javaVersionEarlyAccess.getVersion();
-        assertThat(version14.size(), is(3));
-        assertThat(version14.get(0), is(14));
-        assertThat(version14.get(1), is(0));
-        assertThat(version14.get(2), is(1));
-
-        JavaVersion javaVersionOtherPrePart = JavaVersion.parse("13.2.4-somethingElseHere");
-        List<Integer> version13 = javaVersionOtherPrePart.getVersion();
-        assertThat(version13.size(), is(3));
-        assertThat(version13.get(0), is(13));
-        assertThat(version13.get(1), is(2));
-        assertThat(version13.get(2), is(4));
-
-        JavaVersion javaVersionNumericPrePart = JavaVersion.parse("13.2.4-something124443");
-        List<Integer> version11 = javaVersionNumericPrePart.getVersion();
-        assertThat(version11.size(), is(3));
-        assertThat(version11.get(0), is(13));
-        assertThat(version11.get(1), is(2));
-        assertThat(version11.get(2), is(4));
-    }
-
-    public void testParseInvalidVersions() {
-        final IllegalArgumentException e = expectThrows(IllegalArgumentException.class, () -> JavaVersion.parse("11.2-something-else"));
-        assertThat(e.getMessage(), equalTo("Java version string [11.2-something-else] could not be parsed."));
-        final IllegalArgumentException e1 = expectThrows(IllegalArgumentException.class, () -> JavaVersion.parse("11.0."));
-        assertThat(e1.getMessage(), equalTo("Java version string [11.0.] could not be parsed."));
-        final IllegalArgumentException e2 = expectThrows(IllegalArgumentException.class, () -> JavaVersion.parse("11.a.3"));
-        assertThat(e2.getMessage(), equalTo("Java version string [11.a.3] could not be parsed."));
-    }
-
-    public void testToString() {
-        JavaVersion javaVersion170 = JavaVersion.parse("1.7.0");
-        assertThat(javaVersion170.toString(), is("1.7.0"));
-        JavaVersion javaVersion9 = JavaVersion.parse("9");
-        assertThat(javaVersion9.toString(), is("9"));
-        JavaVersion javaVersion11 = JavaVersion.parse("11.0.1-something09random");
-        assertThat(javaVersion11.toString(), is("11.0.1-something09random"));
-        JavaVersion javaVersion12 = JavaVersion.parse("12.2-2019");
-        assertThat(javaVersion12.toString(), is("12.2-2019"));
-        JavaVersion javaVersion13ea = JavaVersion.parse("13.1-ea");
-        assertThat(javaVersion13ea.toString(), is("13.1-ea"));
-    }
-
-    public void testCompare() {
-        JavaVersion onePointSix = JavaVersion.parse("1.6");
-        JavaVersion onePointSeven = JavaVersion.parse("1.7");
-        JavaVersion onePointSevenPointZero = JavaVersion.parse("1.7.0");
-        JavaVersion onePointSevenPointOne = JavaVersion.parse("1.7.1");
-        JavaVersion onePointSevenPointTwo = JavaVersion.parse("1.7.2");
-        JavaVersion onePointSevenPointOnePointOne = JavaVersion.parse("1.7.1.1");
-        JavaVersion onePointSevenPointTwoPointOne = JavaVersion.parse("1.7.2.1");
-        JavaVersion thirteen = JavaVersion.parse("13");
-        JavaVersion thirteenPointTwoPointOne = JavaVersion.parse("13.2.1");
-        JavaVersion thirteenPointTwoPointOneTwoThousand = JavaVersion.parse("13.2.1-2000");
-        JavaVersion thirteenPointTwoPointOneThreeThousand = JavaVersion.parse("13.2.1-3000");
-        JavaVersion thirteenPointTwoPointOneA = JavaVersion.parse("13.2.1-aaa");
-        JavaVersion thirteenPointTwoPointOneB = JavaVersion.parse("13.2.1-bbb");
-        JavaVersion fourteen = JavaVersion.parse("14");
-        JavaVersion fourteenPointTwoPointOne = JavaVersion.parse("14.2.1");
-        JavaVersion fourteenPointTwoPointOneEarlyAccess = JavaVersion.parse("14.2.1-ea");
-
-        assertTrue(onePointSix.compareTo(onePointSeven) < 0);
-        assertTrue(onePointSeven.compareTo(onePointSix) > 0);
-        assertTrue(onePointSix.compareTo(onePointSix) == 0);
-        assertTrue(onePointSeven.compareTo(onePointSevenPointZero) == 0);
-        assertTrue(onePointSevenPointOnePointOne.compareTo(onePointSevenPointOne) > 0);
-        assertTrue(onePointSevenPointTwo.compareTo(onePointSevenPointTwoPointOne) < 0);
-        assertTrue(thirteen.compareTo(thirteenPointTwoPointOne) < 0);
-        assertTrue(thirteen.compareTo(fourteen) < 0);
-        assertTrue(thirteenPointTwoPointOneThreeThousand.compareTo(thirteenPointTwoPointOneTwoThousand) > 0);
-        assertTrue(thirteenPointTwoPointOneThreeThousand.compareTo(thirteenPointTwoPointOneThreeThousand) == 0);
-        assertTrue(thirteenPointTwoPointOneA.compareTo(thirteenPointTwoPointOneA) == 0);
-        assertTrue(thirteenPointTwoPointOneA.compareTo(thirteenPointTwoPointOneB) < 0);
-        assertTrue(thirteenPointTwoPointOneA.compareTo(thirteenPointTwoPointOneThreeThousand) > 0);
-        assertTrue(fourteenPointTwoPointOneEarlyAccess.compareTo(fourteenPointTwoPointOne) < 0);
-        assertTrue(fourteenPointTwoPointOneEarlyAccess.compareTo(fourteen) > 0);
-
-    }
-
-    public void testValidVersions() {
-        String[] versions = new String[] { "1.7", "1.7.0", "0.1.7", "1.7.0.80", "12-ea", "13.0.2.3-ea", "14-something", "11.0.2-21002" };
-        for (String version : versions) {
-            assertTrue(JavaVersion.isValid(version));
-        }
-    }
-
-    public void testInvalidVersions() {
-        String[] versions = new String[] { "", "1.7.0_80", "1.7.", "11.2-something-else" };
-        for (String version : versions) {
-            assertFalse(JavaVersion.isValid(version));
-        }
-    }
-
-    public void testJava8Compat() {
-        assertEquals(JavaVersion.parse("1.8"), JavaVersion.parse("8"));
-    }
-}
diff --git a/server/src/test/java/org/elasticsearch/common/LocalTimeOffsetTests.java b/server/src/test/java/org/elasticsearch/common/LocalTimeOffsetTests.java
index 9e7c0d094a62b..47996c7d77905 100644
--- a/server/src/test/java/org/elasticsearch/common/LocalTimeOffsetTests.java
+++ b/server/src/test/java/org/elasticsearch/common/LocalTimeOffsetTests.java
@@ -11,7 +11,6 @@
 import org.elasticsearch.common.LocalTimeOffset.Gap;
 import org.elasticsearch.common.LocalTimeOffset.Overlap;
 import org.elasticsearch.common.time.DateFormatter;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.ESTestCase;
 
 import java.time.Instant;
@@ -254,11 +253,8 @@ public void testKnownMovesBackToPreviousDay() {
         assertKnownMovesBacktoPreviousDay("America/Moncton", "2005-10-29T03:01:00");
         assertKnownMovesBacktoPreviousDay("America/St_Johns", "2010-11-07T02:31:00");
         assertKnownMovesBacktoPreviousDay("Canada/Newfoundland", "2010-11-07T02:31:00");
-        if (JavaVersion.current().compareTo(JavaVersion.parse("11")) > 0) {
-            // Added in java 12
-            assertKnownMovesBacktoPreviousDay("Pacific/Guam", "1969-01-25T13:01:00");
-            assertKnownMovesBacktoPreviousDay("Pacific/Saipan", "1969-01-25T13:01:00");
-        }
+        assertKnownMovesBacktoPreviousDay("Pacific/Guam", "1969-01-25T13:01:00");
+        assertKnownMovesBacktoPreviousDay("Pacific/Saipan", "1969-01-25T13:01:00");
     }
 
     private void assertKnownMovesBacktoPreviousDay(String zone, String time) {
diff --git a/server/src/test/java/org/elasticsearch/index/mapper/DateFieldMapperTests.java b/server/src/test/java/org/elasticsearch/index/mapper/DateFieldMapperTests.java
index 7ad83ef301b9e..fb59a1d2693c6 100644
--- a/server/src/test/java/org/elasticsearch/index/mapper/DateFieldMapperTests.java
+++ b/server/src/test/java/org/elasticsearch/index/mapper/DateFieldMapperTests.java
@@ -15,7 +15,6 @@
 import org.elasticsearch.common.time.DateUtils;
 import org.elasticsearch.index.mapper.DateFieldMapper.DateFieldType;
 import org.elasticsearch.index.termvectors.TermVectorsService;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.search.DocValueFormat;
 import org.elasticsearch.xcontent.XContentBuilder;
 
@@ -173,8 +172,6 @@ public void testChangeFormat() throws IOException {
     }
 
     public void testChangeLocale() throws IOException {
-        assumeTrue("need java 9 for testing ", JavaVersion.current().compareTo(JavaVersion.parse("9")) >= 0);
-
         DocumentMapper mapper = createDocumentMapper(
             fieldMapping(b -> b.field("type", "date").field("format", "E, d MMM yyyy HH:mm:ss Z").field("locale", "de"))
         );
diff --git a/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java b/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java
index 3dfa135b4d8d1..3a72b98819a84 100644
--- a/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java
+++ b/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java
@@ -16,7 +16,6 @@
 import org.elasticsearch.common.unit.ByteSizeValue;
 import org.elasticsearch.core.Nullable;
 import org.elasticsearch.core.Releasable;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.ESTestCase;
 
 import java.util.ArrayList;
@@ -32,7 +31,6 @@
 import static org.elasticsearch.indices.recovery.RecoverySettings.INDICES_RECOVERY_MAX_CONCURRENT_SNAPSHOT_FILE_DOWNLOADS;
 import static org.elasticsearch.indices.recovery.RecoverySettings.INDICES_RECOVERY_MAX_CONCURRENT_SNAPSHOT_FILE_DOWNLOADS_PER_NODE;
 import static org.elasticsearch.indices.recovery.RecoverySettings.INDICES_RECOVERY_USE_SNAPSHOTS_SETTING;
-import static org.elasticsearch.indices.recovery.RecoverySettings.JAVA_VERSION_OVERRIDING_TEST_SETTING;
 import static org.elasticsearch.indices.recovery.RecoverySettings.NODE_BANDWIDTH_RECOVERY_DISK_READ_SETTING;
 import static org.elasticsearch.indices.recovery.RecoverySettings.NODE_BANDWIDTH_RECOVERY_DISK_WRITE_SETTING;
 import static org.elasticsearch.indices.recovery.RecoverySettings.NODE_BANDWIDTH_RECOVERY_NETWORK_SETTING;
@@ -309,7 +307,6 @@ public void testDefaultMaxBytesPerSecOnColdOrFrozenNodeWithOldJvm() {
         assertThat(
             "Data nodes with only cold/frozen data roles have a default 40mb rate limit on Java version prior to 14",
             nodeRecoverySettings().withRoles(randomFrom(Set.of("data_cold"), Set.of("data_frozen"), Set.of("data_cold", "data_frozen")))
-                .withJavaVersion(randomFrom("8", "9", "11"))
                 .withRandomMemory()
                 .build()
                 .getMaxBytesPerSec(),
@@ -319,13 +316,11 @@ public void testDefaultMaxBytesPerSecOnColdOrFrozenNodeWithOldJvm() {
 
     public void testDefaultMaxBytesPerSecOnColdOrFrozenNode() {
         final Set<String> dataRoles = randomFrom(Set.of("data_cold"), Set.of("data_frozen"), Set.of("data_cold", "data_frozen"));
-        final String recentVersion = JavaVersion.current().compareTo(JavaVersion.parse("14")) < 0 ? "14" : null;
         {
             assertThat(
                 "Dedicated cold/frozen data nodes with <= 4GB of RAM have a default 40mb rate limit",
                 nodeRecoverySettings().withRoles(dataRoles)
                     .withMemory(ByteSizeValue.ofBytes(randomLongBetween(1L, ByteSizeUnit.GB.toBytes(4L))))
-                    .withJavaVersion(recentVersion)
                     .build()
                     .getMaxBytesPerSec(),
                 equalTo(new ByteSizeValue(40, ByteSizeUnit.MB))
@@ -336,7 +331,6 @@ public void testDefaultMaxBytesPerSecOnColdOrFrozenNode() {
                 "Dedicated cold/frozen data nodes with 4GB < RAM <= 8GB have a default 60mb rate limit",
                 nodeRecoverySettings().withRoles(dataRoles)
                     .withMemory(ByteSizeValue.ofBytes(randomLongBetween(ByteSizeUnit.GB.toBytes(4L) + 1L, ByteSizeUnit.GB.toBytes(8L))))
-                    .withJavaVersion(recentVersion)
                     .build()
                     .getMaxBytesPerSec(),
                 equalTo(new ByteSizeValue(60, ByteSizeUnit.MB))
@@ -347,7 +341,6 @@ public void testDefaultMaxBytesPerSecOnColdOrFrozenNode() {
                 "Dedicated cold/frozen data nodes with 8GB < RAM <= 16GB have a default 90mb rate limit",
                 nodeRecoverySettings().withRoles(dataRoles)
                     .withMemory(ByteSizeValue.ofBytes(randomLongBetween(ByteSizeUnit.GB.toBytes(8L) + 1L, ByteSizeUnit.GB.toBytes(16L))))
-                    .withJavaVersion(recentVersion)
                     .build()
                     .getMaxBytesPerSec(),
                 equalTo(new ByteSizeValue(90, ByteSizeUnit.MB))
@@ -358,7 +351,6 @@ public void testDefaultMaxBytesPerSecOnColdOrFrozenNode() {
                 "Dedicated cold/frozen data nodes with 16GB < RAM <= 32GB have a default 90mb rate limit",
                 nodeRecoverySettings().withRoles(dataRoles)
                     .withMemory(ByteSizeValue.ofBytes(randomLongBetween(ByteSizeUnit.GB.toBytes(16L) + 1L, ByteSizeUnit.GB.toBytes(32L))))
-                    .withJavaVersion(recentVersion)
                     .build()
                     .getMaxBytesPerSec(),
                 equalTo(new ByteSizeValue(125, ByteSizeUnit.MB))
@@ -369,7 +361,6 @@ public void testDefaultMaxBytesPerSecOnColdOrFrozenNode() {
                 "Dedicated cold/frozen data nodes with RAM > 32GB have a default 250mb rate limit",
                 nodeRecoverySettings().withRoles(dataRoles)
                     .withMemory(ByteSizeValue.ofBytes(randomLongBetween(ByteSizeUnit.GB.toBytes(32L) + 1L, ByteSizeUnit.TB.toBytes(4L))))
-                    .withJavaVersion(recentVersion)
                     .build()
                     .getMaxBytesPerSec(),
                 equalTo(new ByteSizeValue(250, ByteSizeUnit.MB))
@@ -382,7 +373,6 @@ public void testMaxBytesPerSecOnColdOrFrozenNodeWithIndicesRecoveryMaxBytesPerSe
         assertThat(
             "Dedicated cold/frozen data nodes should use the defined rate limit when set",
             nodeRecoverySettings().withRoles(randomFrom(Set.of("data_cold"), Set.of("data_frozen"), Set.of("data_cold", "data_frozen")))
-                .withJavaVersion(JavaVersion.current().compareTo(JavaVersion.parse("14")) < 0 ? "14" : null)
                 .withMemory(ByteSizeValue.ofBytes(randomLongBetween(1L, ByteSizeUnit.TB.toBytes(4L))))
                 .withIndicesRecoveryMaxBytesPerSec(random)
                 .build()
@@ -425,7 +415,6 @@ private static class NodeRecoverySettings {
 
         private Set<String> roles;
         private ByteSizeValue physicalMemory;
-        private @Nullable String javaVersion;
         private @Nullable ByteSizeValue networkBandwidth;
         private @Nullable ByteSizeValue diskReadBandwidth;
         private @Nullable ByteSizeValue diskWriteBandwidth;
@@ -452,11 +441,6 @@ NodeRecoverySettings withRandomMemory() {
             return withMemory(ByteSizeValue.ofBytes(randomLongBetween(ByteSizeUnit.GB.toBytes(1L), ByteSizeUnit.TB.toBytes(4L))));
         }
 
-        NodeRecoverySettings withJavaVersion(String javaVersion) {
-            this.javaVersion = javaVersion;
-            return this;
-        }
-
         NodeRecoverySettings withIndicesRecoveryMaxBytesPerSec(ByteSizeValue indicesRecoveryMaxBytesPerSec) {
             this.indicesRecoveryMaxBytesPerSec = Objects.requireNonNull(indicesRecoveryMaxBytesPerSec);
             return this;
@@ -509,9 +493,6 @@ RecoverySettings build() {
             if (roles.isEmpty() == false) {
                 settings.putList(NODE_ROLES_SETTING.getKey(), new ArrayList<>(roles));
             }
-            if (javaVersion != null) {
-                settings.put(JAVA_VERSION_OVERRIDING_TEST_SETTING.getKey(), javaVersion);
-            }
             if (indicesRecoveryMaxBytesPerSec != null) {
                 settings.put(INDICES_RECOVERY_MAX_BYTES_PER_SEC_SETTING.getKey(), indicesRecoveryMaxBytesPerSec);
             }
diff --git a/server/src/test/java/org/elasticsearch/monitor/jvm/JvmInfoTests.java b/server/src/test/java/org/elasticsearch/monitor/jvm/JvmInfoTests.java
index db29f1a7d08f1..74dda255af443 100644
--- a/server/src/test/java/org/elasticsearch/monitor/jvm/JvmInfoTests.java
+++ b/server/src/test/java/org/elasticsearch/monitor/jvm/JvmInfoTests.java
@@ -9,7 +9,6 @@
 package org.elasticsearch.monitor.jvm;
 
 import org.apache.lucene.util.Constants;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.ESTestCase;
 
 public class JvmInfoTests extends ESTestCase {
@@ -28,15 +27,13 @@ public void testUseG1GC() {
     private boolean isG1GCEnabled() {
         final String argline = System.getProperty("tests.jvm.argline");
         final boolean g1GCEnabled = flagIsEnabled(argline, "UseG1GC");
-        // for JDK 9 the default collector when no collector is specified is G1 GC
-        final boolean versionIsAtLeastJava9 = JavaVersion.current().compareTo(JavaVersion.parse("9")) >= 0;
         final boolean noOtherCollectorSpecified = argline == null
             || (flagIsEnabled(argline, "UseParNewGC") == false
                 && flagIsEnabled(argline, "UseParallelGC") == false
                 && flagIsEnabled(argline, "UseParallelOldGC") == false
                 && flagIsEnabled(argline, "UseSerialGC") == false
                 && flagIsEnabled(argline, "UseConcMarkSweepGC") == false);
-        return g1GCEnabled || (versionIsAtLeastJava9 && noOtherCollectorSpecified);
+        return g1GCEnabled || noOtherCollectorSpecified;
     }
 
     private boolean flagIsEnabled(String argline, String flag) {
diff --git a/server/src/test/java/org/elasticsearch/plugins/IndexStorePluginTests.java b/server/src/test/java/org/elasticsearch/plugins/IndexStorePluginTests.java
index f335b29c49c82..7d695a238f242 100644
--- a/server/src/test/java/org/elasticsearch/plugins/IndexStorePluginTests.java
+++ b/server/src/test/java/org/elasticsearch/plugins/IndexStorePluginTests.java
@@ -14,7 +14,6 @@
 import org.elasticsearch.index.IndexModule;
 import org.elasticsearch.index.store.FsDirectoryFactory;
 import org.elasticsearch.indices.recovery.RecoveryState;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.node.MockNode;
 import org.elasticsearch.test.ESTestCase;
 
@@ -110,25 +109,16 @@ public void testDuplicateIndexStoreFactories() {
             IllegalStateException.class,
             () -> new MockNode(settings, Arrays.asList(BarStorePlugin.class, FooStorePlugin.class))
         );
-        if (JavaVersion.current().compareTo(JavaVersion.parse("9")) >= 0) {
-            assertThat(
-                e,
-                hasToString(
-                    matches(
-                        "java.lang.IllegalStateException: Duplicate key store \\(attempted merging values "
-                            + "org.elasticsearch.index.store.FsDirectoryFactory@[\\w\\d]+ "
-                            + "and org.elasticsearch.index.store.FsDirectoryFactory@[\\w\\d]+\\)"
-                    )
-                )
-            );
-        } else {
-            assertThat(
-                e,
-                hasToString(
-                    matches("java.lang.IllegalStateException: Duplicate key org.elasticsearch.index.store.FsDirectoryFactory@[\\w\\d]+")
+        assertThat(
+            e,
+            hasToString(
+                matches(
+                    "java.lang.IllegalStateException: Duplicate key store \\(attempted merging values "
+                        + "org.elasticsearch.index.store.FsDirectoryFactory@[\\w\\d]+ "
+                        + "and org.elasticsearch.index.store.FsDirectoryFactory@[\\w\\d]+\\)"
                 )
-            );
-        }
+            )
+        );
     }
 
     public void testDuplicateIndexStoreRecoveryStateFactories() {
@@ -137,18 +127,6 @@ public void testDuplicateIndexStoreRecoveryStateFactories() {
             IllegalStateException.class,
             () -> new MockNode(settings, Arrays.asList(FooCustomRecoveryStore.class, BarCustomRecoveryStore.class))
         );
-        if (JavaVersion.current().compareTo(JavaVersion.parse("9")) >= 0) {
-            assertThat(e.getMessage(), containsString("Duplicate key recovery-type"));
-        } else {
-            assertThat(
-                e,
-                hasToString(
-                    matches(
-                        "java.lang.IllegalStateException: Duplicate key "
-                            + "org.elasticsearch.plugins.IndexStorePluginTests$RecoveryFactory@[\\w\\d]+"
-                    )
-                )
-            );
-        }
+        assertThat(e.getMessage(), containsString("Duplicate key recovery-type"));
     }
 }
diff --git a/test/framework/src/main/java/org/elasticsearch/test/junit/listeners/ReproduceInfoPrinter.java b/test/framework/src/main/java/org/elasticsearch/test/junit/listeners/ReproduceInfoPrinter.java
index 024eb08094e2c..4c8fc4016f0b7 100644
--- a/test/framework/src/main/java/org/elasticsearch/test/junit/listeners/ReproduceInfoPrinter.java
+++ b/test/framework/src/main/java/org/elasticsearch/test/junit/listeners/ReproduceInfoPrinter.java
@@ -14,7 +14,6 @@
 import org.apache.lucene.util.Constants;
 import org.elasticsearch.common.Strings;
 import org.elasticsearch.core.SuppressForbidden;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.ESIntegTestCase;
 import org.elasticsearch.test.ESTestCase;
 import org.junit.internal.AssumptionViolatedException;
@@ -169,7 +168,7 @@ private ReproduceErrorMessageBuilder appendESProperties() {
             appendOpt("tests.locale", Locale.getDefault().toLanguageTag());
             appendOpt("tests.timezone", TimeZone.getDefault().getID());
             appendOpt("tests.distribution", System.getProperty("tests.distribution"));
-            appendOpt("runtime.java", Integer.toString(JavaVersion.current().getVersion().get(0)));
+            appendOpt("runtime.java", Integer.toString(Runtime.version().feature()));
             appendOpt("license.key", System.getProperty("licence.key"));
             appendOpt(ESTestCase.FIPS_SYSPROP, System.getProperty(ESTestCase.FIPS_SYSPROP));
             return this;
diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java
index 2d48db3dc6eb1..1b1916c2ce72d 100644
--- a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java
+++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java
@@ -13,7 +13,6 @@
 import org.elasticsearch.common.settings.Setting.Property;
 import org.elasticsearch.common.ssl.SslClientAuthenticationMode;
 import org.elasticsearch.common.ssl.SslVerificationMode;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.xpack.core.security.SecurityField;
 import org.elasticsearch.xpack.core.security.authc.support.Hasher;
 import org.elasticsearch.xpack.core.ssl.SSLConfigurationSettings;
@@ -25,7 +24,6 @@
 import java.util.List;
 import java.util.Locale;
 import java.util.function.Function;
-
 import javax.crypto.SecretKeyFactory;
 import javax.net.ssl.SSLContext;
 
@@ -153,33 +151,6 @@ private XPackSettings() {
         Property.NodeScope
     );
 
-    /*
-     * SSL settings. These are the settings that are specifically registered for SSL. Many are private as we do not explicitly use them
-     * but instead parse based on a prefix (eg *.ssl.*)
-     */
-    private static final List<String> JDK11_CIPHERS = List.of(
-        "TLS_AES_256_GCM_SHA384",
-        "TLS_AES_128_GCM_SHA256", // TLSv1.3 cipher has PFS, AEAD, hardware support
-        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", // PFS, AEAD, hardware support
-        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", // PFS, AEAD, hardware support
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", // PFS, hardware support
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", // PFS, hardware support
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", // PFS, hardware support
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", // PFS, hardware support
-        "TLS_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_RSA_WITH_AES_128_GCM_SHA256", // AEAD, hardware support
-        "TLS_RSA_WITH_AES_256_CBC_SHA256",
-        "TLS_RSA_WITH_AES_128_CBC_SHA256", // hardware support
-        "TLS_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_RSA_WITH_AES_128_CBC_SHA"
-    ); // hardware support
-
     private static final List<String> JDK12_CIPHERS = List.of(
         "TLS_AES_256_GCM_SHA384",
         "TLS_AES_128_GCM_SHA256", // TLSv1.3 cipher has PFS, AEAD, hardware support
@@ -206,9 +177,7 @@ private XPackSettings() {
         "TLS_RSA_WITH_AES_128_CBC_SHA"
     ); // hardware support
 
-    public static final List<String> DEFAULT_CIPHERS = JavaVersion.current().compareTo(JavaVersion.parse("12")) > -1
-        ? JDK12_CIPHERS
-        : JDK11_CIPHERS;
+    public static final List<String> DEFAULT_CIPHERS = JDK12_CIPHERS;
 
     /*
      * Do not allow insecure hashing algorithms to be used for password hashing
diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java
index 5ca431fcb149d..19ad6bdc05d3d 100644
--- a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java
+++ b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java
@@ -8,11 +8,9 @@
 
 import org.elasticsearch.Build;
 import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.ESTestCase;
 
 import java.security.NoSuchAlgorithmException;
-
 import javax.crypto.SecretKeyFactory;
 
 import static org.elasticsearch.xpack.core.security.authc.RealmSettings.DOMAIN_TO_REALM_ASSOC_SETTING;
@@ -21,7 +19,6 @@
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasItem;
 import static org.hamcrest.Matchers.hasSize;
-import static org.hamcrest.Matchers.not;
 
 public class XPackSettingsTests extends ESTestCase {
 
@@ -31,19 +28,11 @@ public void testDefaultSSLCiphers() {
     }
 
     public void testChaCha20InCiphersOnJdk12Plus() {
-        assumeTrue("Test is only valid on JDK 12+ JVM", JavaVersion.current().compareTo(JavaVersion.parse("12")) > -1);
         assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_CHACHA20_POLY1305_SHA256"));
         assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"));
         assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"));
     }
 
-    public void testChaCha20NotInCiphersOnPreJdk12() {
-        assumeTrue("Test is only valid on pre JDK 12 JVM", JavaVersion.current().compareTo(JavaVersion.parse("12")) < 0);
-        assertThat(XPackSettings.DEFAULT_CIPHERS, not(hasItem("TLS_CHACHA20_POLY1305_SHA256")));
-        assertThat(XPackSettings.DEFAULT_CIPHERS, not(hasItem("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256")));
-        assertThat(XPackSettings.DEFAULT_CIPHERS, not(hasItem("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256")));
-    }
-
     public void testPasswordHashingAlgorithmSettingValidation() {
         final boolean isPBKDF2Available = isSecretkeyFactoryAlgoAvailable("PBKDF2WithHMACSHA512");
         final String pbkdf2Algo = randomFrom("PBKDF2_10000", "PBKDF2");
diff --git a/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java b/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java
index 6634f8293dddd..0f8d3f0323dd8 100644
--- a/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java
+++ b/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java
@@ -6,8 +6,6 @@
  */
 package org.elasticsearch.xpack.monitoring.exporter.http;
 
-import com.sun.net.httpserver.HttpsServer;
-
 import org.elasticsearch.action.ActionFuture;
 import org.elasticsearch.action.admin.cluster.settings.ClusterUpdateSettingsRequest;
 import org.elasticsearch.action.admin.cluster.settings.ClusterUpdateSettingsResponse;
@@ -15,7 +13,6 @@
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.ssl.SslVerificationMode;
 import org.elasticsearch.env.TestEnvironment;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.ESIntegTestCase;
 import org.elasticsearch.test.ESIntegTestCase.Scope;
 import org.elasticsearch.test.http.MockWebServer;
@@ -31,11 +28,7 @@
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.util.List;
 import java.util.Locale;
-
 import javax.net.ssl.SSLContext;
 
 import static org.hamcrest.Matchers.containsString;
@@ -104,7 +97,7 @@ private MockWebServer buildWebServer() throws IOException {
             .put("xpack.transport.security.ssl.certificate", cert)
             .put("xpack.transport.security.ssl.key", key)
             .put("xpack.transport.security.ssl.key_passphrase", "testnode")
-            .putList("xpack.transport.security.ssl.supported_protocols", getProtocols())
+            .putList("xpack.transport.security.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
             .put(globalSettings)
             .build();
 
@@ -195,22 +188,4 @@ private void clearPersistentSettings(String... names) {
         updateSettings.persistentSettings(builder.build());
         client().admin().cluster().updateSettings(updateSettings).actionGet();
     }
-
-    /**
-     * The {@link HttpsServer} in the JDK has issues with TLSv1.3 when running in a JDK prior to
-     * 12.0.1 so we pin to TLSv1.2 when running on an earlier JDK
-     */
-    private static List<String> getProtocols() {
-        if (JavaVersion.current().compareTo(JavaVersion.parse("12")) < 0) {
-            return List.of("TLSv1.2");
-        } else {
-            JavaVersion full = AccessController.doPrivileged(
-                (PrivilegedAction<JavaVersion>) () -> JavaVersion.parse(System.getProperty("java.version"))
-            );
-            if (full.compareTo(JavaVersion.parse("12.0.1")) < 0) {
-                return List.of("TLSv1.2");
-            }
-        }
-        return XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS;
-    }
 }
diff --git a/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java b/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java
index 88e413b05aaff..e146f44d9b555 100644
--- a/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java
+++ b/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java
@@ -20,7 +20,6 @@
 import org.elasticsearch.common.settings.SecureString;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.ssl.SslClientAuthenticationMode;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.SecurityIntegTestCase;
 import org.elasticsearch.xpack.core.XPackSettings;
 import org.elasticsearch.xpack.core.ssl.CertParsingUtils;
@@ -30,13 +29,10 @@
 import java.io.InputStream;
 import java.io.UncheckedIOException;
 import java.nio.file.Path;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.security.SecureRandom;
 import java.security.cert.CertPathBuilderException;
 import java.util.HashSet;
 import java.util.List;
-
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
@@ -89,7 +85,7 @@ protected Settings nodeSettings(int nodeOrdinal, Settings otherSettings) {
             // Due to the TLSv1.3 bug with session resumption when client authentication is not
             // used, we need to set the protocols since we disabled client auth for transport
             // to avoid failures on pre 11.0.3 JDKs. See #getProtocols
-            .putList("xpack.security.transport.ssl.supported_protocols", getProtocols())
+            .putList("xpack.security.transport.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
             .put("xpack.security.http.ssl.enabled", true)
             .put("xpack.security.http.ssl.client_authentication", SslClientAuthenticationMode.REQUIRED)
             .build();
@@ -161,19 +157,4 @@ private byte[] toByteArray(InputStream is) throws IOException {
         }
         return baos.toByteArray();
     }
-
-    /**
-     * TLSv1.3 when running in a JDK prior to 11.0.3 has a race condition when multiple simultaneous connections are established. See
-     * JDK-8213202. This issue is not triggered when using client authentication, which we do by default for transport connections.
-     * However if client authentication is turned off and TLSv1.3 is used on the affected JVMs then we will hit this issue.
-     */
-    private static List<String> getProtocols() {
-        JavaVersion full = AccessController.doPrivileged(
-            (PrivilegedAction<JavaVersion>) () -> JavaVersion.parse(System.getProperty("java.version"))
-        );
-        if (full.compareTo(JavaVersion.parse("11.0.3")) < 0) {
-            return List.of("TLSv1.2");
-        }
-        return XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS;
-    }
 }
diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java
index 8fafa495e6144..4f80caffd5c31 100644
--- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java
+++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java
@@ -6,8 +6,6 @@
  */
 package org.elasticsearch.xpack.security.authc.saml;
 
-import com.sun.net.httpserver.HttpsServer;
-
 import org.apache.logging.log4j.message.ParameterizedMessage;
 import org.elasticsearch.action.ActionListener;
 import org.elasticsearch.action.support.PlainActionFuture;
@@ -19,7 +17,6 @@
 import org.elasticsearch.core.Tuple;
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.env.TestEnvironment;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.license.MockLicenseState;
 import org.elasticsearch.test.http.MockResponse;
 import org.elasticsearch.test.http.MockWebServer;
@@ -58,10 +55,8 @@
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.AccessController;
 import java.security.KeyStore;
 import java.security.PrivateKey;
-import java.security.PrivilegedAction;
 import java.security.PrivilegedActionException;
 import java.security.PublicKey;
 import java.security.cert.Certificate;
@@ -150,7 +145,7 @@ public void testReadIdpMetadataFromHttps() throws Exception {
                 "xpack.security.http.ssl.certificate_authorities",
                 getDataPath("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/testnode.crt")
             )
-            .putList("xpack.security.http.ssl.supported_protocols", getProtocols())
+            .putList("xpack.security.http.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
             .put("path.home", createTempDir())
             .setSecureSettings(mockSecureSettings)
             .build();
@@ -884,22 +879,4 @@ private void assertIdp1MetadataParsedCorrectly(EntityDescriptor descriptor) {
         assertEquals(SAMLConstants.SAML2_POST_BINDING_URI, ssoServices.get(0).getBinding());
         assertEquals(SAMLConstants.SAML2_REDIRECT_BINDING_URI, ssoServices.get(1).getBinding());
     }
-
-    /**
-     * The {@link HttpsServer} in the JDK has issues with TLSv1.3 when running in a JDK prior to
-     * 12.0.1 so we pin to TLSv1.2 when running on an earlier JDK
-     */
-    private static List<String> getProtocols() {
-        if (JavaVersion.current().compareTo(JavaVersion.parse("12")) < 0) {
-            return List.of("TLSv1.2");
-        } else {
-            JavaVersion full = AccessController.doPrivileged(
-                (PrivilegedAction<JavaVersion>) () -> JavaVersion.parse(System.getProperty("java.version"))
-            );
-            if (full.compareTo(JavaVersion.parse("12.0.1")) < 0) {
-                return List.of("TLSv1.2");
-            }
-        }
-        return XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS;
-    }
 }
diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java
index 3edf9fa793d5b..5675ccef9ad61 100644
--- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java
+++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java
@@ -6,7 +6,6 @@
  */
 package org.elasticsearch.xpack.security.transport.nio;
 
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.nio.FlushOperation;
 import org.elasticsearch.nio.InboundChannelBuffer;
 import org.elasticsearch.nio.Page;
@@ -172,18 +171,11 @@ public void testHandshakeFailureBecauseProtocolMismatch() throws Exception {
             serverProtocols = new String[] { "TLSv1.2" };
             clientProtocols = new String[] { "TLSv1.1" };
             expectedMessageMatcher = is("org.bouncycastle.tls.TlsFatalAlert: protocol_version(70)");
-        } else if (JavaVersion.current().compareTo(JavaVersion.parse("16")) >= 0) {
+        } else {
             // JDK16 https://jdk.java.net/16/release-notes does not permit protocol TLSv1.1 OOB
             serverProtocols = new String[] { "TLSv1.3" };
             clientProtocols = new String[] { "TLSv1.2" };
             expectedMessageMatcher = is("The client supported protocol versions [TLSv1.2] are not accepted by server preferences [TLS13]");
-        } else {
-            serverProtocols = new String[] { "TLSv1.2" };
-            clientProtocols = new String[] { "TLSv1.1" };
-            expectedMessageMatcher = anyOf(
-                is("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"),
-                is("The client supported protocol versions [TLSv1.1] are not accepted by server preferences [TLS12]")
-            );
         }
 
         serverEngine.setEnabledProtocols(serverProtocols);
@@ -238,7 +230,7 @@ public void testHandshakeFailureBecauseNoCiphers() throws Exception {
     public void testCloseDuringHandshakeJDK11() throws Exception {
         assumeTrue(
             "this tests ssl engine for JDK11",
-            JavaVersion.current().compareTo(JavaVersion.parse("11")) >= 0 && inFipsJvm() == false
+            inFipsJvm() == false
         );
         SSLContext sslContext = getSSLContext();
         SSLDriver clientDriver = getDriver(sslContext.createSSLEngine(), true);
@@ -276,39 +268,6 @@ public void testCloseDuringHandshakeJDK11() throws Exception {
         serverDriver.read(networkReadBuffer, applicationBuffer);
     }
 
-    public void testCloseDuringHandshakePreJDK11() throws Exception {
-        assumeTrue("this tests ssl engine for pre-JDK11", JavaVersion.current().compareTo(JavaVersion.parse("11")) < 0);
-        SSLContext sslContext = getSSLContext();
-        SSLDriver clientDriver = getDriver(sslContext.createSSLEngine(), true);
-        SSLDriver serverDriver = getDriver(sslContext.createSSLEngine(), false);
-
-        clientDriver.init();
-        serverDriver.init();
-
-        assertTrue(clientDriver.getOutboundBuffer().hasEncryptedBytesToFlush());
-        sendHandshakeMessages(clientDriver, serverDriver);
-        sendHandshakeMessages(serverDriver, clientDriver);
-
-        assertFalse(clientDriver.readyForApplicationData());
-        assertFalse(serverDriver.readyForApplicationData());
-
-        serverDriver.initiateClose();
-        assertTrue(serverDriver.getOutboundBuffer().hasEncryptedBytesToFlush());
-        assertFalse(serverDriver.isClosed());
-        sendNonApplicationWrites(serverDriver);
-        // We are immediately fully closed due to SSLEngine inconsistency
-        assertTrue(serverDriver.isClosed());
-        // This should not throw exception yet as the SSLEngine will not UNWRAP data while attempting to WRAP
-        clientDriver.read(networkReadBuffer, applicationBuffer);
-        sendNonApplicationWrites(clientDriver);
-        SSLException sslException = expectThrows(SSLException.class, () -> clientDriver.read(networkReadBuffer, applicationBuffer));
-        assertEquals("Received close_notify during handshake", sslException.getMessage());
-        assertTrue(clientDriver.getOutboundBuffer().hasEncryptedBytesToFlush());
-        sendNonApplicationWrites(clientDriver);
-        serverDriver.read(networkReadBuffer, applicationBuffer);
-        assertTrue(clientDriver.isClosed());
-    }
-
     private void failedCloseAlert(SSLDriver sendDriver, SSLDriver receiveDriver, List<String> messages) throws SSLException {
         assertTrue(sendDriver.getOutboundBuffer().hasEncryptedBytesToFlush());
         assertFalse(sendDriver.isClosed());
diff --git a/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/expression/function/scalar/datetime/NamedDateTimeProcessorTests.java b/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/expression/function/scalar/datetime/NamedDateTimeProcessorTests.java
index 5e5452dbfbcdb..c4bb7e4b5bf72 100644
--- a/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/expression/function/scalar/datetime/NamedDateTimeProcessorTests.java
+++ b/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/expression/function/scalar/datetime/NamedDateTimeProcessorTests.java
@@ -8,7 +8,6 @@
 
 import org.elasticsearch.common.Strings;
 import org.elasticsearch.common.io.stream.Writeable.Reader;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.xpack.sql.AbstractSqlWireSerializingTestCase;
 import org.elasticsearch.xpack.sql.expression.function.scalar.datetime.NamedDateTimeProcessor.NameExtractor;
 import org.junit.Assume;
@@ -47,7 +46,7 @@ protected ZoneId instanceZoneId(NamedDateTimeProcessor instance) {
     }
 
     public void testValidDayNamesInUTC() {
-        assumeJava9PlusAndCompatLocaleProviderSetting();
+        assumeCompatLocaleProviderSetting();
         NamedDateTimeProcessor proc = new NamedDateTimeProcessor(NameExtractor.DAY_NAME, UTC);
         assertEquals("Thursday", proc.process(dateTime(0L)));
         assertEquals("Saturday", proc.process(dateTime(-64164233612338L)));
@@ -60,7 +59,7 @@ public void testValidDayNamesInUTC() {
     }
 
     public void testValidDayNamesWithNonUTCTimeZone() {
-        assumeJava9PlusAndCompatLocaleProviderSetting();
+        assumeCompatLocaleProviderSetting();
         NamedDateTimeProcessor proc = new NamedDateTimeProcessor(NameExtractor.DAY_NAME, ZoneId.of("GMT-10:00"));
         assertEquals("Wednesday", proc.process(dateTime(0)));
         assertEquals("Friday", proc.process(dateTime(-64164233612338L)));
@@ -74,7 +73,7 @@ public void testValidDayNamesWithNonUTCTimeZone() {
     }
 
     public void testValidMonthNamesInUTC() {
-        assumeJava9PlusAndCompatLocaleProviderSetting();
+        assumeCompatLocaleProviderSetting();
         NamedDateTimeProcessor proc = new NamedDateTimeProcessor(NameExtractor.MONTH_NAME, UTC);
         assertEquals("January", proc.process(dateTime(0)));
         assertEquals("September", proc.process(dateTime(-64165813612338L)));
@@ -87,7 +86,7 @@ public void testValidMonthNamesInUTC() {
     }
 
     public void testValidMonthNamesWithNonUTCTimeZone() {
-        assumeJava9PlusAndCompatLocaleProviderSetting();
+        assumeCompatLocaleProviderSetting();
         NamedDateTimeProcessor proc = new NamedDateTimeProcessor(NameExtractor.MONTH_NAME, ZoneId.of("GMT-03:00"));
         assertEquals("December", proc.process(dateTime(0)));
         assertEquals("August", proc.process(dateTime(-64165813612338L))); // GMT: Tuesday, September 1, -0064 2:53:07.662 AM
@@ -107,11 +106,7 @@ public void testValidMonthNamesWithNonUTCTimeZone() {
      *
      * Related infra issue: https://github.com/elastic/elasticsearch/issues/33796
      */
-    private void assumeJava9PlusAndCompatLocaleProviderSetting() {
-        // at least Java 9
-        if (JavaVersion.current().compareTo(JavaVersion.parse("9")) < 0) {
-            return;
-        }
+    private void assumeCompatLocaleProviderSetting() {
         String beforeJava9CompatibleLocale = System.getProperty("java.locale.providers");
         // and COMPAT setting needs to be first on the list
         boolean isBeforeJava9Compatible = beforeJava9CompatibleLocale != null
diff --git a/x-pack/plugin/watcher/src/internalClusterTest/java/org/elasticsearch/xpack/watcher/actions/webhook/WebhookHttpsIntegrationTests.java b/x-pack/plugin/watcher/src/internalClusterTest/java/org/elasticsearch/xpack/watcher/actions/webhook/WebhookHttpsIntegrationTests.java
index f60b23eff9d70..0b5d20ffb7b4e 100644
--- a/x-pack/plugin/watcher/src/internalClusterTest/java/org/elasticsearch/xpack/watcher/actions/webhook/WebhookHttpsIntegrationTests.java
+++ b/x-pack/plugin/watcher/src/internalClusterTest/java/org/elasticsearch/xpack/watcher/actions/webhook/WebhookHttpsIntegrationTests.java
@@ -6,13 +6,10 @@
  */
 package org.elasticsearch.xpack.watcher.actions.webhook;
 
-import com.sun.net.httpserver.HttpsServer;
-
 import org.elasticsearch.action.search.SearchResponse;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.index.query.QueryBuilders;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.test.http.MockResponse;
 import org.elasticsearch.test.http.MockWebServer;
 import org.elasticsearch.xpack.core.XPackSettings;
@@ -32,9 +29,6 @@
 import org.junit.Before;
 
 import java.nio.file.Path;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.util.List;
 
 import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertNoFailures;
 import static org.elasticsearch.xpack.watcher.client.WatchSourceBuilders.watchBuilder;
@@ -60,7 +54,7 @@ protected Settings nodeSettings(int nodeOrdinal, Settings otherSettings) {
             .put("xpack.http.ssl.key", keyPath)
             .put("xpack.http.ssl.certificate", certPath)
             .put("xpack.http.ssl.keystore.password", "testnode")
-            .putList("xpack.http.ssl.supported_protocols", getProtocols())
+            .putList("xpack.http.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
             .build();
     }
 
@@ -142,22 +136,4 @@ public void testHttpsAndBasicAuth() throws Exception {
         assertThat(webServer.requests().get(0).getBody(), equalTo("{key=value}"));
         assertThat(webServer.requests().get(0).getHeader("Authorization"), equalTo("Basic X3VzZXJuYW1lOl9wYXNzd29yZA=="));
     }
-
-    /**
-     * The {@link HttpsServer} in the JDK has issues with TLSv1.3 when running in a JDK prior to
-     * 12.0.1 so we pin to TLSv1.2 when running on an earlier JDK
-     */
-    private static List<String> getProtocols() {
-        if (JavaVersion.current().compareTo(JavaVersion.parse("12")) < 0) {
-            return List.of("TLSv1.2");
-        } else {
-            JavaVersion full = AccessController.doPrivileged(
-                (PrivilegedAction<JavaVersion>) () -> JavaVersion.parse(System.getProperty("java.version"))
-            );
-            if (full.compareTo(JavaVersion.parse("12.0.1")) < 0) {
-                return List.of("TLSv1.2");
-            }
-        }
-        return XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS;
-    }
 }
diff --git a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java
index b77e63e79464f..e274020482ba0 100644
--- a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java
+++ b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java
@@ -6,8 +6,6 @@
  */
 package org.elasticsearch.xpack.watcher.common.http;
 
-import com.sun.net.httpserver.HttpsServer;
-
 import org.apache.http.HttpHeaders;
 import org.apache.http.HttpHost;
 import org.apache.http.client.ClientProtocolException;
@@ -27,7 +25,6 @@
 import org.elasticsearch.core.Tuple;
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.env.TestEnvironment;
-import org.elasticsearch.jdk.JavaVersion;
 import org.elasticsearch.mocksocket.MockServerSocket;
 import org.elasticsearch.test.ESTestCase;
 import org.elasticsearch.test.http.MockResponse;
@@ -50,17 +47,13 @@
 import java.net.URI;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Path;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashSet;
-import java.util.List;
 import java.util.Locale;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.atomic.AtomicReference;
-
 import javax.net.ssl.SSLContext;
 
 import static org.hamcrest.Matchers.containsInAnyOrder;
@@ -206,7 +199,7 @@ public void testHttps() throws Exception {
                 .put("xpack.security.http.ssl.enabled", true)
                 .put("xpack.security.http.ssl.key", keyPath)
                 .put("xpack.security.http.ssl.certificate", certPath)
-                .putList("xpack.security.http.ssl.supported_protocols", getProtocols())
+                .putList("xpack.security.http.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
                 .setSecureSettings(secureSettings)
                 .build();
 
@@ -236,7 +229,7 @@ public void testHttpsDisableHostnameVerification() throws Exception {
                 .put("xpack.security.http.ssl.enabled", true)
                 .put("xpack.security.http.ssl.key", keyPath)
                 .put("xpack.security.http.ssl.certificate", certPath)
-                .putList("xpack.security.http.ssl.supported_protocols", getProtocols())
+                .putList("xpack.security.http.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
                 .setSecureSettings(secureSettings)
                 .build();
 
@@ -254,7 +247,7 @@ public void testHttpsClientAuth() throws Exception {
             .put(environment.settings())
             .put("xpack.http.ssl.key", keyPath)
             .put("xpack.http.ssl.certificate", certPath)
-            .putList("xpack.http.ssl.supported_protocols", getProtocols())
+            .putList("xpack.http.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
             .setSecureSettings(secureSettings)
             .build();
 
@@ -396,7 +389,7 @@ public void testProxyCanHaveDifferentSchemeThanRequest() throws Exception {
             .put("xpack.http.ssl.key", keyPath)
             .put("xpack.http.ssl.certificate", certPath)
             .put("xpack.security.http.ssl.enabled", false)
-            .putList("xpack.security.http.ssl.supported_protocols", getProtocols())
+            .putList("xpack.security.http.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
             .setSecureSettings(serverSecureSettings)
             .build();
         TestsSSLService sslService = new TestsSSLService(TestEnvironment.newEnvironment(serverSettings));
@@ -411,7 +404,7 @@ public void testProxyCanHaveDifferentSchemeThanRequest() throws Exception {
                 .put(HttpSettings.PROXY_PORT.getKey(), proxyServer.getPort())
                 .put(HttpSettings.PROXY_SCHEME.getKey(), "https")
                 .put("xpack.http.ssl.certificate_authorities", trustedCertPath)
-                .putList("xpack.security.http.ssl.supported_protocols", getProtocols())
+                .putList("xpack.security.http.ssl.supported_protocols", XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS)
                 .put("xpack.security.http.ssl.enabled", false)
                 .build();
 
@@ -832,22 +825,4 @@ public static ClusterService mockClusterService() {
     private String getWebserverUri() {
         return String.format(Locale.ROOT, "http://%s:%s", webServer.getHostName(), webServer.getPort());
     }
-
-    /**
-     * The {@link HttpsServer} in the JDK has issues with TLSv1.3 when running in a JDK prior to
-     * 12.0.1 so we pin to TLSv1.2 when running on an earlier JDK
-     */
-    private static List<String> getProtocols() {
-        if (JavaVersion.current().compareTo(JavaVersion.parse("12")) < 0) {
-            return List.of("TLSv1.2");
-        } else {
-            JavaVersion full = AccessController.doPrivileged(
-                (PrivilegedAction<JavaVersion>) () -> JavaVersion.parse(System.getProperty("java.version"))
-            );
-            if (full.compareTo(JavaVersion.parse("12.0.1")) < 0) {
-                return List.of("TLSv1.2");
-            }
-        }
-        return XPackSettings.DEFAULT_SUPPORTED_PROTOCOLS;
-    }
 }

From e6f4e8cf8022809bff66cd0d17905b2ba03c71f3 Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Fri, 25 Mar 2022 12:25:11 -0700
Subject: [PATCH 2/7] spotless

---
 .../core/src/main/java/org/elasticsearch/jdk/JarHell.java | 8 +-------
 .../elasticsearch/common/ssl/SslConfigurationLoader.java  | 1 +
 .../common/ssl/SslConfigurationLoaderTests.java           | 1 -
 .../transport/netty4/SimpleNetty4TransportTests.java      | 5 +----
 .../transport/nio/SimpleNioTransportTests.java            | 5 +----
 .../java/org/elasticsearch/xpack/core/XPackSettings.java  | 1 +
 .../org/elasticsearch/xpack/core/XPackSettingsTests.java  | 1 +
 .../xpack/monitoring/exporter/http/HttpExporterSslIT.java | 1 +
 .../xpack/ssl/SslClientAuthenticationTests.java           | 1 +
 .../xpack/security/transport/nio/SSLDriverTests.java      | 6 +-----
 .../xpack/watcher/common/http/HttpClientTests.java        | 1 +
 11 files changed, 10 insertions(+), 21 deletions(-)

diff --git a/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java b/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java
index 139561c189255..3f0aabcea199c 100644
--- a/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java
+++ b/libs/core/src/main/java/org/elasticsearch/jdk/JarHell.java
@@ -237,13 +237,7 @@ public static void checkJavaVersion(String resource, String targetVersion) {
         Version version = Version.parse(targetVersion);
         if (Runtime.version().compareTo(version) < 0) {
             throw new IllegalStateException(
-                String.format(
-                    Locale.ROOT,
-                    "%s requires Java %s:, your system: %s",
-                    resource,
-                    targetVersion,
-                    Runtime.version().toString()
-                )
+                String.format(Locale.ROOT, "%s requires Java %s:, your system: %s", resource, targetVersion, Runtime.version().toString())
             );
         }
     }
diff --git a/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java b/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java
index 2659a7c55cfc7..b81b036605f81 100644
--- a/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java
+++ b/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java
@@ -16,6 +16,7 @@
 import java.util.Objects;
 import java.util.function.Function;
 import java.util.stream.Collectors;
+
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.TrustManagerFactory;
 
diff --git a/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java b/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java
index 173a19371d0e9..bf5f3d0696cbc 100644
--- a/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java
+++ b/libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/SslConfigurationLoaderTests.java
@@ -26,7 +26,6 @@
 import static org.hamcrest.Matchers.hasItem;
 import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.is;
-import static org.hamcrest.Matchers.not;
 import static org.hamcrest.Matchers.notNullValue;
 
 public class SslConfigurationLoaderTests extends ESTestCase {
diff --git a/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java b/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java
index a5dd80b58fed8..53ea7f33299c3 100644
--- a/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java
+++ b/modules/transport-netty4/src/test/java/org/elasticsearch/transport/netty4/SimpleNetty4TransportTests.java
@@ -95,10 +95,7 @@ public void testConnectException() throws UnknownHostException {
     }
 
     public void testDefaultKeepAliveSettings() throws IOException {
-        assumeTrue(
-            "setting default keepalive options not supported on this platform",
-            (IOUtils.LINUX || IOUtils.MAC_OS_X)
-        );
+        assumeTrue("setting default keepalive options not supported on this platform", (IOUtils.LINUX || IOUtils.MAC_OS_X));
         try (
             MockTransportService serviceC = buildService("TS_C", Version.CURRENT, Settings.EMPTY);
             MockTransportService serviceD = buildService("TS_D", Version.CURRENT, Settings.EMPTY)
diff --git a/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java b/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java
index ac3b90a3913e7..39356429e7e60 100644
--- a/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java
+++ b/plugins/transport-nio/src/test/java/org/elasticsearch/transport/nio/SimpleNioTransportTests.java
@@ -98,10 +98,7 @@ public void testConnectException() throws UnknownHostException {
     }
 
     public void testDefaultKeepAliveSettings() throws IOException {
-        assumeTrue(
-            "setting default keepalive options not supported on this platform",
-            (IOUtils.LINUX || IOUtils.MAC_OS_X)
-        );
+        assumeTrue("setting default keepalive options not supported on this platform", (IOUtils.LINUX || IOUtils.MAC_OS_X));
         try (
             MockTransportService serviceC = buildService("TS_C", Version.CURRENT, Settings.EMPTY);
             MockTransportService serviceD = buildService("TS_D", Version.CURRENT, Settings.EMPTY);
diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java
index 1b1916c2ce72d..0f65ab9c33c17 100644
--- a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java
+++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java
@@ -24,6 +24,7 @@
 import java.util.List;
 import java.util.Locale;
 import java.util.function.Function;
+
 import javax.crypto.SecretKeyFactory;
 import javax.net.ssl.SSLContext;
 
diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java
index 19ad6bdc05d3d..7e558e022dcbe 100644
--- a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java
+++ b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java
@@ -11,6 +11,7 @@
 import org.elasticsearch.test.ESTestCase;
 
 import java.security.NoSuchAlgorithmException;
+
 import javax.crypto.SecretKeyFactory;
 
 import static org.elasticsearch.xpack.core.security.authc.RealmSettings.DOMAIN_TO_REALM_ASSOC_SETTING;
diff --git a/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java b/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java
index 0f8d3f0323dd8..179c6106037da 100644
--- a/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java
+++ b/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterSslIT.java
@@ -29,6 +29,7 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.util.Locale;
+
 import javax.net.ssl.SSLContext;
 
 import static org.hamcrest.Matchers.containsString;
diff --git a/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java b/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java
index e146f44d9b555..038bb9c2c0079 100644
--- a/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java
+++ b/x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java
@@ -33,6 +33,7 @@
 import java.security.cert.CertPathBuilderException;
 import java.util.HashSet;
 import java.util.List;
+
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java
index 5675ccef9ad61..98374c84f3615 100644
--- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java
+++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/SSLDriverTests.java
@@ -30,7 +30,6 @@
 import javax.net.ssl.SSLException;
 import javax.net.ssl.TrustManager;
 
-import static org.hamcrest.Matchers.anyOf;
 import static org.hamcrest.Matchers.is;
 
 public class SSLDriverTests extends ESTestCase {
@@ -228,10 +227,7 @@ public void testHandshakeFailureBecauseNoCiphers() throws Exception {
     }
 
     public void testCloseDuringHandshakeJDK11() throws Exception {
-        assumeTrue(
-            "this tests ssl engine for JDK11",
-            inFipsJvm() == false
-        );
+        assumeTrue("this tests ssl engine for JDK11", inFipsJvm() == false);
         SSLContext sslContext = getSSLContext();
         SSLDriver clientDriver = getDriver(sslContext.createSSLEngine(), true);
         SSLDriver serverDriver = getDriver(sslContext.createSSLEngine(), false);
diff --git a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java
index e274020482ba0..8126152159e58 100644
--- a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java
+++ b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/common/http/HttpClientTests.java
@@ -54,6 +54,7 @@
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.atomic.AtomicReference;
+
 import javax.net.ssl.SSLContext;
 
 import static org.hamcrest.Matchers.containsInAnyOrder;

From 627bca984e82f6733020f28dbdd733e26eb0eeeb Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Fri, 25 Mar 2022 15:14:57 -0700
Subject: [PATCH 3/7] fix test

---
 .../java/org/elasticsearch/jdk/JarHellTests.java  | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java b/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java
index 7d4e47a3e052d..1806fb7b37295 100644
--- a/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java
+++ b/libs/core/src/test/java/org/elasticsearch/jdk/JarHellTests.java
@@ -29,6 +29,7 @@
 import java.util.zip.ZipOutputStream;
 
 import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.equalTo;
 
 public class JarHellTests extends ESTestCase {
 
@@ -159,18 +160,8 @@ public void testBadJDKVersionInJar() throws Exception {
         attributes.put(Attributes.Name.MANIFEST_VERSION, "1.0.0");
         attributes.put(new Attributes.Name("X-Compile-Target-JDK"), "bogus");
         Set<URL> jars = Collections.singleton(makeJar(dir, "foo.jar", manifest, "Foo.class"));
-        try {
-            JarHell.checkJarHell(jars, logger::debug);
-            fail("did not get expected exception");
-        } catch (IllegalStateException e) {
-            assertTrue(
-                e.getMessage()
-                    .equals(
-                        "version string must be a sequence of nonnegative decimal integers separated "
-                            + "by \".\"'s and may have leading zeros but was bogus"
-                    )
-            );
-        }
+        var e = expectThrows(IllegalArgumentException.class, () -> JarHell.checkJarHell(jars, logger::debug));
+        assertThat(e.getMessage(), equalTo("Invalid version string: 'bogus'"));
     }
 
     public void testRequiredJDKVersionIsOK() throws Exception {

From f2ee2686f232b5eeb71ce92d4686112aa19bd207 Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Fri, 25 Mar 2022 15:33:25 -0700
Subject: [PATCH 4/7] remove old test

---
 .../bootstrap/BootstrapChecksTests.java       | 75 -------------------
 1 file changed, 75 deletions(-)

diff --git a/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java b/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java
index 463a49326660b..e190cc56c0de1 100644
--- a/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java
+++ b/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java
@@ -641,81 +641,6 @@ String javaVersion() {
 
     }
 
-    public void testG1GCCheck() throws NodeValidationException {
-        final AtomicBoolean isG1GCEnabled = new AtomicBoolean(true);
-        final AtomicBoolean isJava8 = new AtomicBoolean(true);
-        final AtomicReference<String> jvmVersion = new AtomicReference<>(
-            String.format(Locale.ROOT, "25.%d-b%d", randomIntBetween(0, 39), randomIntBetween(1, 128))
-        );
-        final BootstrapChecks.G1GCCheck g1GCCheck = new BootstrapChecks.G1GCCheck() {
-
-            @Override
-            String jvmVendor() {
-                return "Oracle Corporation";
-            }
-
-            @Override
-            boolean isG1GCEnabled() {
-                return isG1GCEnabled.get();
-            }
-
-            @Override
-            String jvmVersion() {
-                return jvmVersion.get();
-            }
-
-            @Override
-            boolean isJava8() {
-                return isJava8.get();
-            }
-
-        };
-
-        final NodeValidationException e = expectThrows(
-            NodeValidationException.class,
-            () -> BootstrapChecks.check(emptyContext, true, Collections.singletonList(g1GCCheck))
-        );
-        assertThat(
-            e.getMessage(),
-            containsString(
-                "JVM version [" + jvmVersion.get() + "] can cause data corruption when used with G1GC; upgrade to at least Java 8u40"
-            )
-        );
-
-        // if G1GC is disabled, nothing should happen
-        isG1GCEnabled.set(false);
-        BootstrapChecks.check(emptyContext, true, Collections.singletonList(g1GCCheck));
-
-        // if on or after update 40, nothing should happen independent of whether or not G1GC is enabled
-        isG1GCEnabled.set(randomBoolean());
-        jvmVersion.set(String.format(Locale.ROOT, "25.%d-b%d", randomIntBetween(40, 112), randomIntBetween(1, 128)));
-        BootstrapChecks.check(emptyContext, true, Collections.singletonList(g1GCCheck));
-
-        final BootstrapChecks.G1GCCheck nonOracleCheck = new BootstrapChecks.G1GCCheck() {
-
-            @Override
-            String jvmVendor() {
-                return randomAlphaOfLength(8);
-            }
-
-        };
-
-        // if not on an Oracle JVM, nothing should happen
-        BootstrapChecks.check(emptyContext, true, Collections.singletonList(nonOracleCheck));
-
-        final BootstrapChecks.G1GCCheck nonJava8Check = new BootstrapChecks.G1GCCheck() {
-
-            @Override
-            boolean isJava8() {
-                return false;
-            }
-
-        };
-
-        // if not Java 8, nothing should happen
-        BootstrapChecks.check(emptyContext, true, Collections.singletonList(nonJava8Check));
-    }
-
     public void testAllPermissionCheck() throws NodeValidationException {
         final AtomicBoolean isAllPermissionGranted = new AtomicBoolean(true);
         final BootstrapChecks.AllPermissionCheck allPermissionCheck = new BootstrapChecks.AllPermissionCheck() {

From 53e5290b546bf8b39f590fad38db6552ddfe4ee4 Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Fri, 25 Mar 2022 15:47:03 -0700
Subject: [PATCH 5/7] checkstyle

---
 .../java/org/elasticsearch/bootstrap/BootstrapChecksTests.java   | 1 -
 1 file changed, 1 deletion(-)

diff --git a/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java b/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java
index e190cc56c0de1..6b92a949dc54e 100644
--- a/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java
+++ b/server/src/test/java/org/elasticsearch/bootstrap/BootstrapChecksTests.java
@@ -28,7 +28,6 @@
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
-import java.util.Locale;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.concurrent.atomic.AtomicReference;

From 63818dc2545968b1ee9fe07b4f113f7f05be6b66 Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Mon, 28 Mar 2022 08:44:58 -0700
Subject: [PATCH 6/7] remove old test

---
 .../indices/recovery/RecoverySettingsTests.java       | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java b/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java
index 3a72b98819a84..a3edbe5e648f3 100644
--- a/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java
+++ b/server/src/test/java/org/elasticsearch/indices/recovery/RecoverySettingsTests.java
@@ -303,17 +303,6 @@ public void testMaxBytesPerSecOnDataNodeWithAvailableBandwidths() {
         );
     }
 
-    public void testDefaultMaxBytesPerSecOnColdOrFrozenNodeWithOldJvm() {
-        assertThat(
-            "Data nodes with only cold/frozen data roles have a default 40mb rate limit on Java version prior to 14",
-            nodeRecoverySettings().withRoles(randomFrom(Set.of("data_cold"), Set.of("data_frozen"), Set.of("data_cold", "data_frozen")))
-                .withRandomMemory()
-                .build()
-                .getMaxBytesPerSec(),
-            equalTo(DEFAULT_MAX_BYTES_PER_SEC)
-        );
-    }
-
     public void testDefaultMaxBytesPerSecOnColdOrFrozenNode() {
         final Set<String> dataRoles = randomFrom(Set.of("data_cold"), Set.of("data_frozen"), Set.of("data_cold", "data_frozen"));
         {

From 2655531e3c79b10347a9e94728a8a1331c78c04f Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Mon, 28 Mar 2022 10:30:38 -0700
Subject: [PATCH 7/7] fix tests

---
 .../org/elasticsearch/plugins/PluginInfoTests.java     | 10 ++--------
 .../org/elasticsearch/plugins/PluginsServiceTests.java |  2 +-
 2 files changed, 3 insertions(+), 9 deletions(-)

diff --git a/server/src/test/java/org/elasticsearch/plugins/PluginInfoTests.java b/server/src/test/java/org/elasticsearch/plugins/PluginInfoTests.java
index 1fa6ea6b96392..4ff0f9eceead3 100644
--- a/server/src/test/java/org/elasticsearch/plugins/PluginInfoTests.java
+++ b/server/src/test/java/org/elasticsearch/plugins/PluginInfoTests.java
@@ -119,14 +119,8 @@ public void testReadFromPropertiesBadJavaVersionFormat() throws Exception {
             "version",
             "1.0"
         );
-        IllegalStateException e = expectThrows(IllegalStateException.class, () -> PluginInfo.readFromProperties(pluginDir));
-        assertThat(
-            e.getMessage(),
-            equalTo(
-                "version string must be a sequence of nonnegative decimal integers separated"
-                    + " by \".\"'s and may have leading zeros but was 1.7.0_80"
-            )
-        );
+        IllegalArgumentException e = expectThrows(IllegalArgumentException.class, () -> PluginInfo.readFromProperties(pluginDir));
+        assertThat(e.getMessage(), equalTo("Invalid version string: '1.7.0_80'"));
     }
 
     public void testReadFromPropertiesBogusElasticsearchVersion() throws Exception {
diff --git a/server/src/test/java/org/elasticsearch/plugins/PluginsServiceTests.java b/server/src/test/java/org/elasticsearch/plugins/PluginsServiceTests.java
index f6af0aa4fc71c..e6d756f11c88d 100644
--- a/server/src/test/java/org/elasticsearch/plugins/PluginsServiceTests.java
+++ b/server/src/test/java/org/elasticsearch/plugins/PluginsServiceTests.java
@@ -1014,7 +1014,7 @@ public void testIncompatibleJavaVersion() throws Exception {
             "desc",
             "1.0",
             Version.CURRENT,
-            "1000000.0",
+            "1000",
             "FakePlugin",
             Collections.emptyList(),
             false,