diff --git a/src/java.base/share/classes/sun/security/ssl/KAKeyDerivation.java b/src/java.base/share/classes/sun/security/ssl/KAKeyDerivation.java
index dea86351cc8..0ca197160a9 100644
--- a/src/java.base/share/classes/sun/security/ssl/KAKeyDerivation.java
+++ b/src/java.base/share/classes/sun/security/ssl/KAKeyDerivation.java
@@ -49,6 +49,9 @@ import sun.security.util.KeyUtil;
  */
 public class KAKeyDerivation implements SSLKeyDerivation {
 
+    // Algorithm used to derive TLS 1.3 shared secrets
+    private static final String t13KeyDerivationAlgorithm =
+            System.getProperty("jdk.tls.t13KeyDerivationAlgorithm", "Generic");
     private final String algorithmName;
     private final HandshakeContext context;
     private final PrivateKey localPrivateKey;
@@ -234,7 +237,7 @@ public class KAKeyDerivation implements SSLKeyDerivation {
                     var decapsulator = kem.newDecapsulator(localPrivateKey);
                     sharedSecret = decapsulator.decapsulate(
                             keyshare, 0, decapsulator.secretSize(),
-                            "TlsPremasterSecret");
+                            t13KeyDerivationAlgorithm);
                 } catch (IllegalArgumentException | InvalidKeyException |
                         DecapsulateException e) {
                     // Peer validation failure
@@ -252,7 +255,7 @@ public class KAKeyDerivation implements SSLKeyDerivation {
                 KeyAgreement ka = KeyAgreement.getInstance(algorithmName);
                 ka.init(localPrivateKey);
                 ka.doPhase(peerPublicKey, true);
-                sharedSecret = ka.generateSecret("TlsPremasterSecret");
+                sharedSecret = ka.generateSecret(t13KeyDerivationAlgorithm);
             }
 
             return deriveHandshakeSecret(type, sharedSecret);