We're currently using BC 1.68 which came out around a year ago. We should update to BC 1.70 which just came out. 1.70 contains TLS v1.3 & ECDSA bug fixes which we think we'll start seeing more of now that we've enabled TLS v1.3 by default.
This ticket includes:
- update jvm-ssl-utils to test that there's not regressions (there are potentially backwards incompatible changes in 1.69).
- ensure the new utils jar that they've split out is pulled in transitively from the artifact ids and if not explicitly declaring a dependency on the new utils jar.
- verify the new utils jar is properly removed by the "provided" profile
- update clj-parent once we've verified it doesn't break jvm-ssl-utils and puppetserver (puppetserver testing is p art of the clj-parent bump process)
- ensure puppetserver is updated to the new clj-parent (should be automatic)
- let PDB know that they should be using the new version