diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index bbbb1e07f70..c64e8f6a716 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -22,10 +22,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: ["4.1", "4.2", main]
+    branches: ["4.1", "4.2"]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: ["4.1", "4.2", main]
+    branches: ["4.1", "4.2"]
   schedule:
     - cron: '0 13 * * 3'
 
@@ -89,6 +89,10 @@ jobs:
     # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
     #    and modify them (or add more) to build your code if your project
     #    uses a compiled language
+    - uses: actions/setup-java@v4
+      with:
+        distribution: 'zulu'
+        java-version: '8' # The JDK version to make available on the path.
 
     - name: Compile project
       run: ./mvnw -B -ntp clean package -DskipTests=true
diff --git a/buffer/src/main/java/io/netty/buffer/AdaptivePoolingAllocator.java b/buffer/src/main/java/io/netty/buffer/AdaptivePoolingAllocator.java
index 3a4f951d3ef..c4c21cad986 100644
--- a/buffer/src/main/java/io/netty/buffer/AdaptivePoolingAllocator.java
+++ b/buffer/src/main/java/io/netty/buffer/AdaptivePoolingAllocator.java
@@ -22,7 +22,6 @@
 import io.netty.util.internal.ObjectPool;
 import io.netty.util.internal.ObjectUtil;
 import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.SystemPropertyUtil;
 import io.netty.util.internal.UnstableApi;
 
@@ -42,8 +41,6 @@
 import java.util.concurrent.atomic.AtomicReferenceFieldUpdater;
 import java.util.concurrent.locks.StampedLock;
 
-import static io.netty.util.internal.PlatformDependent.javaVersion;
-
 /**
  * An auto-tuning pooling allocator, that follows an anti-generational hypothesis.
  * <p>
@@ -70,7 +67,6 @@
  * magazine, to be shared with other magazines.
  * The {@link #createSharedChunkQueue()} method can be overridden to customize this queue.
  */
-@SuppressJava6Requirement(reason = "Guarded by version check")
 @UnstableApi
 final class AdaptivePoolingAllocator {
     private static final int RETIRE_CAPACITY = 4 * 1024;
@@ -104,10 +100,6 @@ final class AdaptivePoolingAllocator {
 
     AdaptivePoolingAllocator(ChunkAllocator chunkAllocator) {
         this.chunkAllocator = chunkAllocator;
-        if (javaVersion() < 8) {
-            // The implementation uses StampedLock, which was introduced in Java 8.
-            throw new IllegalStateException("This allocator require Java 8 or newer.");
-        }
         centralQueue = ObjectUtil.checkNotNull(createSharedChunkQueue(), "centralQueue");
         magazineExpandLock = new StampedLock();
         Magazine[] mags = new Magazine[4];
@@ -234,7 +226,6 @@ private boolean offerToQueue(ChunkByteBuf buffer) {
         return centralQueue.offer(buffer);
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by version check")
     @SuppressWarnings("checkstyle:finalclass") // Checkstyle mistakenly believes this class should be final.
     private static class AllocationStatistics extends StampedLock {
         private static final long serialVersionUID = -8319929980932269688L;
diff --git a/buffer/src/main/java/io/netty/buffer/PooledUnsafeHeapByteBuf.java b/buffer/src/main/java/io/netty/buffer/PooledUnsafeHeapByteBuf.java
index 9a8674e12e3..ccc72c9031b 100644
--- a/buffer/src/main/java/io/netty/buffer/PooledUnsafeHeapByteBuf.java
+++ b/buffer/src/main/java/io/netty/buffer/PooledUnsafeHeapByteBuf.java
@@ -132,26 +132,18 @@ protected void _setLongLE(int index, long value) {
 
     @Override
     public ByteBuf setZero(int index, int length) {
-        if (PlatformDependent.javaVersion() >= 7) {
-            checkIndex(index, length);
-            // Only do on java7+ as the needed Unsafe call was only added there.
-            UnsafeByteBufUtil.setZero(memory, idx(index), length);
-            return this;
-        }
-        return super.setZero(index, length);
+        checkIndex(index, length);
+        UnsafeByteBufUtil.setZero(memory, idx(index), length);
+        return this;
     }
 
     @Override
     public ByteBuf writeZero(int length) {
-        if (PlatformDependent.javaVersion() >= 7) {
-            // Only do on java7+ as the needed Unsafe call was only added there.
-            ensureWritable(length);
-            int wIndex = writerIndex;
-            UnsafeByteBufUtil.setZero(memory, idx(wIndex), length);
-            writerIndex = wIndex + length;
-            return this;
-        }
-        return super.writeZero(length);
+        ensureWritable(length);
+        int wIndex = writerIndex;
+        UnsafeByteBufUtil.setZero(memory, idx(wIndex), length);
+        writerIndex = wIndex + length;
+        return this;
     }
 
     @Override
diff --git a/buffer/src/main/java/io/netty/buffer/UnpooledUnsafeHeapByteBuf.java b/buffer/src/main/java/io/netty/buffer/UnpooledUnsafeHeapByteBuf.java
index 2644df4be1a..283e76fe6cb 100644
--- a/buffer/src/main/java/io/netty/buffer/UnpooledUnsafeHeapByteBuf.java
+++ b/buffer/src/main/java/io/netty/buffer/UnpooledUnsafeHeapByteBuf.java
@@ -248,26 +248,18 @@ protected void _setLongLE(int index, long value) {
 
     @Override
     public ByteBuf setZero(int index, int length) {
-        if (PlatformDependent.javaVersion() >= 7) {
-            // Only do on java7+ as the needed Unsafe call was only added there.
-            checkIndex(index, length);
-            UnsafeByteBufUtil.setZero(array, index, length);
-            return this;
-        }
-        return super.setZero(index, length);
+        checkIndex(index, length);
+        UnsafeByteBufUtil.setZero(array, index, length);
+        return this;
     }
 
     @Override
     public ByteBuf writeZero(int length) {
-        if (PlatformDependent.javaVersion() >= 7) {
-            // Only do on java7+ as the needed Unsafe call was only added there.
-            ensureWritable(length);
-            int wIndex = writerIndex;
-            UnsafeByteBufUtil.setZero(array, wIndex, length);
-            writerIndex = wIndex + length;
-            return this;
-        }
-        return super.writeZero(length);
+        ensureWritable(length);
+        int wIndex = writerIndex;
+        UnsafeByteBufUtil.setZero(array, wIndex, length);
+        writerIndex = wIndex + length;
+        return this;
     }
 
     @Override
diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketUtil.java b/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketUtil.java
index f35efaadba3..0a26f28d93e 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketUtil.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketUtil.java
@@ -15,16 +15,12 @@
  */
 package io.netty.handler.codec.http.websocketx;
 
-import io.netty.buffer.ByteBuf;
-import io.netty.buffer.Unpooled;
-import io.netty.handler.codec.base64.Base64;
-import io.netty.util.CharsetUtil;
 import io.netty.util.concurrent.FastThreadLocal;
 import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
 
 /**
  * A utility class mainly for use by web sockets
@@ -95,24 +91,8 @@ private static byte[] digest(FastThreadLocal<MessageDigest> digestFastThreadLoca
      * @param data The data to encode
      * @return An encoded string containing the data
      */
-    @SuppressJava6Requirement(reason = "Guarded with java version check")
     static String base64(byte[] data) {
-        if (PlatformDependent.javaVersion() >= 8) {
-            return java.util.Base64.getEncoder().encodeToString(data);
-        }
-        String encodedString;
-        ByteBuf encodedData = Unpooled.wrappedBuffer(data);
-        try {
-            ByteBuf encoded = Base64.encode(encodedData);
-            try {
-                encodedString = encoded.toString(CharsetUtil.UTF_8);
-            } finally {
-                encoded.release();
-            }
-        } finally {
-            encodedData.release();
-        }
-        return encodedString;
+        return Base64.getEncoder().encodeToString(data);
     }
 
     /**
diff --git a/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockEncoder.java b/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockEncoder.java
index 69217ca0508..c122e3c7f45 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockEncoder.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockEncoder.java
@@ -17,7 +17,6 @@
 
 import io.netty.buffer.ByteBuf;
 import io.netty.buffer.ByteBufAllocator;
-import io.netty.util.internal.PlatformDependent;
 
 /**
  * Super-class for SPDY header-block encoders.
@@ -30,14 +29,7 @@ public abstract class SpdyHeaderBlockEncoder {
 
     static SpdyHeaderBlockEncoder newInstance(
             SpdyVersion version, int compressionLevel, int windowBits, int memLevel) {
-
-        if (PlatformDependent.javaVersion() >= 7) {
-            return new SpdyHeaderBlockZlibEncoder(
-                    version, compressionLevel);
-        } else {
-            return new SpdyHeaderBlockJZlibEncoder(
-                    version, compressionLevel, windowBits, memLevel);
-        }
+        return new SpdyHeaderBlockZlibEncoder(version, compressionLevel);
     }
 
     abstract ByteBuf encode(ByteBufAllocator alloc, SpdyHeadersFrame frame) throws Exception;
diff --git a/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockZlibEncoder.java b/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockZlibEncoder.java
index 21a18f90a11..bf33d94ce23 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockZlibEncoder.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyHeaderBlockZlibEncoder.java
@@ -18,12 +18,10 @@
 import io.netty.buffer.ByteBuf;
 import io.netty.buffer.ByteBufAllocator;
 import io.netty.buffer.Unpooled;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 
 import java.util.zip.Deflater;
 
-import static io.netty.handler.codec.spdy.SpdyCodecUtil.*;
+import static io.netty.handler.codec.spdy.SpdyCodecUtil.SPDY_DICT;
 import static io.netty.util.internal.ObjectUtil.checkNotNullWithIAE;
 
 class SpdyHeaderBlockZlibEncoder extends SpdyHeaderBlockRawEncoder {
@@ -73,17 +71,11 @@ private ByteBuf encode(ByteBufAllocator alloc, int len) {
         }
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by java version check")
     private boolean compressInto(ByteBuf compressed) {
         byte[] out = compressed.array();
         int off = compressed.arrayOffset() + compressed.writerIndex();
         int toWrite = compressed.writableBytes();
-        final int numBytes;
-        if (PlatformDependent.javaVersion() >= 7) {
-            numBytes = compressor.deflate(out, off, toWrite, Deflater.SYNC_FLUSH);
-        } else {
-            numBytes = compressor.deflate(out, off, toWrite);
-        }
+        final int numBytes = compressor.deflate(out, off, toWrite, Deflater.SYNC_FLUSH);
         compressed.writerIndex(compressed.writerIndex() + numBytes);
         return numBytes == toWrite;
     }
diff --git a/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyProtocolException.java b/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyProtocolException.java
index e097d5cf714..99c3956cdd0 100644
--- a/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyProtocolException.java
+++ b/codec-http/src/main/java/io/netty/handler/codec/spdy/SpdyProtocolException.java
@@ -15,8 +15,6 @@
  */
 package io.netty.handler.codec.spdy;
 
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.ThrowableUtil;
 
 public class SpdyProtocolException extends Exception {
@@ -50,17 +48,10 @@ public SpdyProtocolException(Throwable cause) {
     }
 
     static SpdyProtocolException newStatic(String message, Class<?> clazz, String method) {
-        final SpdyProtocolException exception;
-        if (PlatformDependent.javaVersion() >= 7) {
-            exception = new StacklessSpdyProtocolException(message, true);
-        } else {
-            exception = new StacklessSpdyProtocolException(message);
-        }
+        final SpdyProtocolException exception = new StacklessSpdyProtocolException(message, true);
         return ThrowableUtil.unknownStackTrace(exception, clazz, method);
     }
 
-    @SuppressJava6Requirement(reason = "uses Java 7+ Exception.<init>(String, Throwable, boolean, boolean)" +
-            " but is guarded by version checks")
     private SpdyProtocolException(String message, boolean shared) {
         super(message, null, false, true);
         assert shared;
@@ -69,10 +60,6 @@ private SpdyProtocolException(String message, boolean shared) {
     private static final class StacklessSpdyProtocolException extends SpdyProtocolException {
         private static final long serialVersionUID = -6302754207557485099L;
 
-        StacklessSpdyProtocolException(String message) {
-            super(message);
-        }
-
         StacklessSpdyProtocolException(String message, boolean shared) {
             super(message, shared);
         }
diff --git a/codec-http2/src/main/java/io/netty/handler/codec/http2/Http2Exception.java b/codec-http2/src/main/java/io/netty/handler/codec/http2/Http2Exception.java
index 9b3e61fb9c5..d8787f3893a 100644
--- a/codec-http2/src/main/java/io/netty/handler/codec/http2/Http2Exception.java
+++ b/codec-http2/src/main/java/io/netty/handler/codec/http2/Http2Exception.java
@@ -15,8 +15,6 @@
 
 package io.netty.handler.codec.http2;
 
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.ThrowableUtil;
 import io.netty.util.internal.UnstableApi;
 
@@ -68,17 +66,10 @@ public Http2Exception(Http2Error error, String message, Throwable cause, Shutdow
 
     static Http2Exception newStatic(Http2Error error, String message, ShutdownHint shutdownHint,
                                     Class<?> clazz, String method) {
-        final Http2Exception exception;
-        if (PlatformDependent.javaVersion() >= 7) {
-            exception = new StacklessHttp2Exception(error, message, shutdownHint, true);
-        } else {
-            exception = new StacklessHttp2Exception(error, message, shutdownHint);
-        }
+        final Http2Exception exception = new StacklessHttp2Exception(error, message, shutdownHint, true);
         return ThrowableUtil.unknownStackTrace(exception, clazz, method);
     }
 
-    @SuppressJava6Requirement(reason = "uses Java 7+ Exception.<init>(String, Throwable, boolean, boolean)" +
-            " but is guarded by version checks")
     private Http2Exception(Http2Error error, String message, ShutdownHint shutdownHint, boolean shared) {
         super(message, null, false, true);
         assert shared;
diff --git a/codec/src/main/java/io/netty/handler/codec/compression/ByteBufChecksum.java b/codec/src/main/java/io/netty/handler/codec/compression/ByteBufChecksum.java
index 21c6f16a4ed..f8161b06b01 100644
--- a/codec/src/main/java/io/netty/handler/codec/compression/ByteBufChecksum.java
+++ b/codec/src/main/java/io/netty/handler/codec/compression/ByteBufChecksum.java
@@ -18,9 +18,7 @@
 import io.netty.buffer.ByteBuf;
 import io.netty.util.ByteProcessor;
 import io.netty.util.internal.ObjectUtil;
-import io.netty.util.internal.PlatformDependent;
 
-import java.lang.reflect.Method;
 import java.nio.ByteBuffer;
 import java.util.zip.Adler32;
 import java.util.zip.CRC32;
@@ -28,27 +26,11 @@
 
 /**
  * {@link Checksum} implementation which can directly act on a {@link ByteBuf}.
- *
+ * <p>
  * Implementations may optimize access patterns depending on if the {@link ByteBuf} is backed by a
  * byte array ({@link ByteBuf#hasArray()} is {@code true}) or not.
  */
 abstract class ByteBufChecksum implements Checksum {
-
-    /**
-     * on OpenJDK Adler32 and CRC32 both calls ZipUtils.loadLibrary on class init.
-     */
-    private static class ZlibChecksumMethods {
-        private static final Method ADLER32_UPDATE_METHOD;
-        private static final Method CRC32_UPDATE_METHOD;
-
-        static {
-            // See if we can use fast-path when using ByteBuf that is not heap based as Adler32 and CRC32 added support
-            // for update(ByteBuffer) in JDK8.
-            ADLER32_UPDATE_METHOD = updateByteBuffer(new Adler32());
-            CRC32_UPDATE_METHOD = updateByteBuffer(new CRC32());
-        }
-    }
-
     private final ByteProcessor updateProcessor = new ByteProcessor() {
         @Override
         public boolean process(byte value) throws Exception {
@@ -57,31 +39,12 @@ public boolean process(byte value) throws Exception {
         }
     };
 
-    private static Method updateByteBuffer(Checksum checksum) {
-        if (PlatformDependent.javaVersion() >= 8) {
-            try {
-                Method method = checksum.getClass().getDeclaredMethod("update", ByteBuffer.class);
-                method.invoke(checksum, ByteBuffer.allocate(1));
-                return method;
-            } catch (Throwable ignore) {
-                return null;
-            }
-        }
-        return null;
-    }
-
     static ByteBufChecksum wrapChecksum(Checksum checksum) {
         ObjectUtil.checkNotNull(checksum, "checksum");
         if (checksum instanceof ByteBufChecksum) {
             return (ByteBufChecksum) checksum;
         }
-        if (checksum instanceof Adler32 && ZlibChecksumMethods.ADLER32_UPDATE_METHOD != null) {
-            return new ReflectiveByteBufChecksum(checksum, ZlibChecksumMethods.ADLER32_UPDATE_METHOD);
-        }
-        if (checksum instanceof CRC32 && ZlibChecksumMethods.CRC32_UPDATE_METHOD != null) {
-            return new ReflectiveByteBufChecksum(checksum, ZlibChecksumMethods.CRC32_UPDATE_METHOD);
-        }
-        return new SlowByteBufChecksum(checksum);
+        return new JdkByteBufChecksum(checksum);
     }
 
     /**
@@ -95,40 +58,32 @@ public void update(ByteBuf b, int off, int len) {
         }
     }
 
-    private static final class ReflectiveByteBufChecksum extends SlowByteBufChecksum {
-        private final Method method;
+    private static class JdkByteBufChecksum extends ByteBufChecksum {
+        protected final Checksum checksum;
 
-        ReflectiveByteBufChecksum(Checksum checksum, Method method) {
-            super(checksum);
-            this.method = method;
+        JdkByteBufChecksum(Checksum checksum) {
+            this.checksum = checksum;
+        }
+
+        @Override
+        public void update(int b) {
+            checksum.update(b);
         }
 
         @Override
         public void update(ByteBuf b, int off, int len) {
             if (b.hasArray()) {
                 update(b.array(), b.arrayOffset() + off, len);
+            } else if (checksum instanceof CRC32) {
+                ByteBuffer byteBuffer = CompressionUtil.safeNioBuffer(b, off, len);
+                ((CRC32) checksum).update(byteBuffer);
+            } else if (checksum instanceof Adler32) {
+                ByteBuffer byteBuffer = CompressionUtil.safeNioBuffer(b, off, len);
+                ((Adler32) checksum).update(byteBuffer);
             } else {
-                try {
-                    method.invoke(checksum, CompressionUtil.safeNioBuffer(b, off, len));
-                } catch (Throwable cause) {
-                    throw new Error();
-                }
+                super.update(b, off, len);
             }
         }
-    }
-
-    private static class SlowByteBufChecksum extends ByteBufChecksum {
-
-        protected final Checksum checksum;
-
-        SlowByteBufChecksum(Checksum checksum) {
-            this.checksum = checksum;
-        }
-
-        @Override
-        public void update(int b) {
-            checksum.update(b);
-        }
 
         @Override
         public void update(byte[] b, int off, int len) {
diff --git a/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibEncoder.java b/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibEncoder.java
index e43f6d561e3..fb9e51fb4a2 100644
--- a/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibEncoder.java
+++ b/codec/src/main/java/io/netty/handler/codec/compression/JdkZlibEncoder.java
@@ -23,8 +23,6 @@
 import io.netty.util.concurrent.PromiseNotifier;
 import io.netty.util.internal.EmptyArrays;
 import io.netty.util.internal.ObjectUtil;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.SystemPropertyUtil;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
@@ -344,11 +342,7 @@ private ChannelFuture finishEncode(final ChannelHandlerContext ctx, ChannelPromi
         return ctx.writeAndFlush(footer, promise);
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     private void deflate(ByteBuf out) {
-        if (PlatformDependent.javaVersion() < 7) {
-            deflateJdk6(out);
-        }
         int numBytes;
         do {
             int writerIndex = out.writerIndex();
@@ -358,16 +352,6 @@ private void deflate(ByteBuf out) {
         } while (numBytes > 0);
     }
 
-    private void deflateJdk6(ByteBuf out) {
-        int numBytes;
-        do {
-            int writerIndex = out.writerIndex();
-            numBytes = deflater.deflate(
-                    out.array(), out.arrayOffset() + writerIndex, out.writableBytes());
-            out.writerIndex(writerIndex + numBytes);
-        } while (numBytes > 0);
-    }
-
     @Override
     public void handlerAdded(ChannelHandlerContext ctx) throws Exception {
         this.ctx = ctx;
diff --git a/codec/src/main/java/io/netty/handler/codec/compression/ZlibCodecFactory.java b/codec/src/main/java/io/netty/handler/codec/compression/ZlibCodecFactory.java
index d41d329af5e..5f4e5c4ae84 100644
--- a/codec/src/main/java/io/netty/handler/codec/compression/ZlibCodecFactory.java
+++ b/codec/src/main/java/io/netty/handler/codec/compression/ZlibCodecFactory.java
@@ -15,7 +15,6 @@
  */
 package io.netty.handler.codec.compression;
 
-import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.SystemPropertyUtil;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
@@ -31,28 +30,24 @@ public final class ZlibCodecFactory {
 
     private static final boolean noJdkZlibDecoder;
     private static final boolean noJdkZlibEncoder;
-    private static final boolean supportsWindowSizeAndMemLevel;
 
     static {
-        noJdkZlibDecoder = SystemPropertyUtil.getBoolean("io.netty.noJdkZlibDecoder",
-                PlatformDependent.javaVersion() < 7);
+        noJdkZlibDecoder = SystemPropertyUtil.getBoolean("io.netty.noJdkZlibDecoder", false);
         logger.debug("-Dio.netty.noJdkZlibDecoder: {}", noJdkZlibDecoder);
 
         noJdkZlibEncoder = SystemPropertyUtil.getBoolean("io.netty.noJdkZlibEncoder", false);
         logger.debug("-Dio.netty.noJdkZlibEncoder: {}", noJdkZlibEncoder);
-
-        supportsWindowSizeAndMemLevel = noJdkZlibDecoder || PlatformDependent.javaVersion() >= 7;
     }
 
     /**
      * Returns {@code true} if specify a custom window size and mem level is supported.
      */
     public static boolean isSupportingWindowSizeAndMemLevel() {
-        return supportsWindowSizeAndMemLevel;
+        return true;
     }
 
     public static ZlibEncoder newZlibEncoder(int compressionLevel) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibEncoder) {
+        if (noJdkZlibEncoder) {
             return new JZlibEncoder(compressionLevel);
         } else {
             return new JdkZlibEncoder(compressionLevel);
@@ -60,7 +55,7 @@ public static ZlibEncoder newZlibEncoder(int compressionLevel) {
     }
 
     public static ZlibEncoder newZlibEncoder(ZlibWrapper wrapper) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibEncoder) {
+        if (noJdkZlibEncoder) {
             return new JZlibEncoder(wrapper);
         } else {
             return new JdkZlibEncoder(wrapper);
@@ -68,7 +63,7 @@ public static ZlibEncoder newZlibEncoder(ZlibWrapper wrapper) {
     }
 
     public static ZlibEncoder newZlibEncoder(ZlibWrapper wrapper, int compressionLevel) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibEncoder) {
+        if (noJdkZlibEncoder) {
             return new JZlibEncoder(wrapper, compressionLevel);
         } else {
             return new JdkZlibEncoder(wrapper, compressionLevel);
@@ -76,7 +71,7 @@ public static ZlibEncoder newZlibEncoder(ZlibWrapper wrapper, int compressionLev
     }
 
     public static ZlibEncoder newZlibEncoder(ZlibWrapper wrapper, int compressionLevel, int windowBits, int memLevel) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibEncoder ||
+        if (noJdkZlibEncoder ||
                 windowBits != DEFAULT_JDK_WINDOW_SIZE || memLevel != DEFAULT_JDK_MEM_LEVEL) {
             return new JZlibEncoder(wrapper, compressionLevel, windowBits, memLevel);
         } else {
@@ -85,7 +80,7 @@ public static ZlibEncoder newZlibEncoder(ZlibWrapper wrapper, int compressionLev
     }
 
     public static ZlibEncoder newZlibEncoder(byte[] dictionary) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibEncoder) {
+        if (noJdkZlibEncoder) {
             return new JZlibEncoder(dictionary);
         } else {
             return new JdkZlibEncoder(dictionary);
@@ -93,7 +88,7 @@ public static ZlibEncoder newZlibEncoder(byte[] dictionary) {
     }
 
     public static ZlibEncoder newZlibEncoder(int compressionLevel, byte[] dictionary) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibEncoder) {
+        if (noJdkZlibEncoder) {
             return new JZlibEncoder(compressionLevel, dictionary);
         } else {
             return new JdkZlibEncoder(compressionLevel, dictionary);
@@ -101,7 +96,7 @@ public static ZlibEncoder newZlibEncoder(int compressionLevel, byte[] dictionary
     }
 
     public static ZlibEncoder newZlibEncoder(int compressionLevel, int windowBits, int memLevel, byte[] dictionary) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibEncoder ||
+        if (noJdkZlibEncoder ||
                 windowBits != DEFAULT_JDK_WINDOW_SIZE || memLevel != DEFAULT_JDK_MEM_LEVEL) {
             return new JZlibEncoder(compressionLevel, windowBits, memLevel, dictionary);
         } else {
@@ -110,7 +105,7 @@ public static ZlibEncoder newZlibEncoder(int compressionLevel, int windowBits, i
     }
 
     public static ZlibDecoder newZlibDecoder() {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibDecoder) {
+        if (noJdkZlibDecoder) {
             return new JZlibDecoder();
         } else {
             return new JdkZlibDecoder(true);
@@ -118,7 +113,7 @@ public static ZlibDecoder newZlibDecoder() {
     }
 
     public static ZlibDecoder newZlibDecoder(ZlibWrapper wrapper) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibDecoder) {
+        if (noJdkZlibDecoder) {
             return new JZlibDecoder(wrapper);
         } else {
             return new JdkZlibDecoder(wrapper, true);
@@ -126,7 +121,7 @@ public static ZlibDecoder newZlibDecoder(ZlibWrapper wrapper) {
     }
 
     public static ZlibDecoder newZlibDecoder(byte[] dictionary) {
-        if (PlatformDependent.javaVersion() < 7 || noJdkZlibDecoder) {
+        if (noJdkZlibDecoder) {
             return new JZlibDecoder(dictionary);
         } else {
             return new JdkZlibDecoder(dictionary);
diff --git a/common/src/main/java/io/netty/util/NetUtil.java b/common/src/main/java/io/netty/util/NetUtil.java
index 63da7981a72..3941c3aa2b2 100644
--- a/common/src/main/java/io/netty/util/NetUtil.java
+++ b/common/src/main/java/io/netty/util/NetUtil.java
@@ -1073,13 +1073,12 @@ private static String toAddressString(byte[] bytes, int offset, boolean ipv4Mapp
     }
 
     /**
-     * Returns {@link InetSocketAddress#getHostString()} if Java >= 7,
-     * or {@link InetSocketAddress#getHostName()} otherwise.
+     * Returns {@link InetSocketAddress#getHostString()}.
      * @param addr The address
      * @return the host string
      */
     public static String getHostname(InetSocketAddress addr) {
-        return PlatformDependent.javaVersion() >= 7 ? addr.getHostString() : addr.getHostName();
+        return addr.getHostString();
     }
 
     /**
diff --git a/common/src/main/java/io/netty/util/internal/Hidden.java b/common/src/main/java/io/netty/util/internal/Hidden.java
index cf32e154ff5..746e91c8fa2 100644
--- a/common/src/main/java/io/netty/util/internal/Hidden.java
+++ b/common/src/main/java/io/netty/util/internal/Hidden.java
@@ -35,7 +35,6 @@ class Hidden {
      * and SHOULD NOT be considered a public API.
      */
     @UnstableApi
-    @SuppressJava6Requirement(reason = "BlockHound is Java 8+, but this class is only loaded by it's SPI")
     public static final class NettyBlockHoundIntegration implements BlockHoundIntegration {
 
         @Override
@@ -171,7 +170,6 @@ public void applyTo(BlockHound.Builder builder) {
                 public Predicate<Thread> apply(final Predicate<Thread> p) {
                     return new Predicate<Thread>() {
                         @Override
-                        @SuppressJava6Requirement(reason = "Predicate#test")
                         public boolean test(Thread thread) {
                             return p.test(thread) ||
                                     thread instanceof FastThreadLocalThread &&
diff --git a/common/src/main/java/io/netty/util/internal/LongAdderCounter.java b/common/src/main/java/io/netty/util/internal/LongAdderCounter.java
index 7b4c2cecabc..8320b9eba84 100644
--- a/common/src/main/java/io/netty/util/internal/LongAdderCounter.java
+++ b/common/src/main/java/io/netty/util/internal/LongAdderCounter.java
@@ -17,7 +17,6 @@
 
 import java.util.concurrent.atomic.LongAdder;
 
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 final class LongAdderCounter extends LongAdder implements LongCounter {
 
     @Override
diff --git a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
index 41f615f3fb8..2f48ba1ea6c 100644
--- a/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
+++ b/common/src/main/java/io/netty/util/internal/NativeLibraryLoader.java
@@ -29,6 +29,8 @@
 import java.io.OutputStream;
 import java.lang.reflect.Method;
 import java.net.URL;
+import java.nio.file.Files;
+import java.nio.file.attribute.PosixFilePermission;
 import java.security.AccessController;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -399,7 +401,8 @@ private static void loadLibrary(final ClassLoader loader, final String name, fin
             if (suppressed != null) {
                 ThrowableUtil.addSuppressed(nsme, suppressed);
             }
-            rethrowWithMoreDetailsIfPossible(name, nsme);
+            throw new LinkageError(
+                    "Possible multiple incompatible native libraries on the classpath for '" + name + "'?", nsme);
         } catch (UnsatisfiedLinkError ule) {
             if (suppressed != null) {
                 ThrowableUtil.addSuppressed(ule, suppressed);
@@ -408,15 +411,6 @@ private static void loadLibrary(final ClassLoader loader, final String name, fin
         }
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by version check")
-    private static void rethrowWithMoreDetailsIfPossible(String name, NoSuchMethodError error) {
-        if (PlatformDependent.javaVersion() >= 7) {
-            throw new LinkageError(
-                    "Possible multiple incompatible native libraries on the classpath for '" + name + "'?", error);
-        }
-        throw error;
-    }
-
     private static void loadLibraryByHelper(final Class<?> helper, final String name, final boolean absolute)
             throws UnsatisfiedLinkError {
         Object ret = AccessController.doPrivileged(new PrivilegedAction<Object>() {
@@ -543,14 +537,7 @@ private NativeLibraryLoader() {
 
     private static final class NoexecVolumeDetector {
 
-        @SuppressJava6Requirement(reason = "Usage guarded by java version check")
         private static boolean canExecuteExecutable(File file) throws IOException {
-            if (PlatformDependent.javaVersion() < 7) {
-                // Pre-JDK7, the Java API did not directly support POSIX permissions; instead of implementing a custom
-                // work-around, assume true, which disables the check.
-                return true;
-            }
-
             // If we can already execute, there is nothing to do.
             if (file.canExecute()) {
                 return true;
@@ -560,21 +547,18 @@ private static boolean canExecuteExecutable(File file) throws IOException {
             // The File#canExecute() method honors this behavior, probaby via parsing the noexec flag when initializing
             // the UnixFileStore, though the flag is not exposed via a public API.  To find out if library is being
             // loaded off a volume with noexec, confirm or add executalbe permissions, then check File#canExecute().
-
-            // Note: We use FQCN to not break when netty is used in java6
-            Set<java.nio.file.attribute.PosixFilePermission> existingFilePermissions =
-                    java.nio.file.Files.getPosixFilePermissions(file.toPath());
-            Set<java.nio.file.attribute.PosixFilePermission> executePermissions =
-                    EnumSet.of(java.nio.file.attribute.PosixFilePermission.OWNER_EXECUTE,
-                            java.nio.file.attribute.PosixFilePermission.GROUP_EXECUTE,
-                            java.nio.file.attribute.PosixFilePermission.OTHERS_EXECUTE);
+            Set<PosixFilePermission> existingFilePermissions = Files.getPosixFilePermissions(file.toPath());
+            Set<PosixFilePermission> executePermissions =
+                    EnumSet.of(PosixFilePermission.OWNER_EXECUTE,
+                            PosixFilePermission.GROUP_EXECUTE,
+                            PosixFilePermission.OTHERS_EXECUTE);
             if (existingFilePermissions.containsAll(executePermissions)) {
                 return false;
             }
 
-            Set<java.nio.file.attribute.PosixFilePermission> newPermissions = EnumSet.copyOf(existingFilePermissions);
+            Set<PosixFilePermission> newPermissions = EnumSet.copyOf(existingFilePermissions);
             newPermissions.addAll(executePermissions);
-            java.nio.file.Files.setPosixFilePermissions(file.toPath(), newPermissions);
+            Files.setPosixFilePermissions(file.toPath(), newPermissions);
             return file.canExecute();
         }
 
diff --git a/common/src/main/java/io/netty/util/internal/PlatformDependent.java b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
index 151211d7335..946bd0a325b 100644
--- a/common/src/main/java/io/netty/util/internal/PlatformDependent.java
+++ b/common/src/main/java/io/netty/util/internal/PlatformDependent.java
@@ -57,7 +57,7 @@
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentLinkedDeque;
 import java.util.concurrent.ConcurrentMap;
-import java.util.concurrent.LinkedBlockingDeque;
+import java.util.concurrent.ThreadLocalRandom;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -116,7 +116,6 @@ public final class PlatformDependent {
     private static final boolean USE_DIRECT_BUFFER_NO_CLEANER;
     private static final AtomicLong DIRECT_MEMORY_COUNTER;
     private static final long DIRECT_MEMORY_LIMIT;
-    private static final ThreadLocalRandomProvider RANDOM_PROVIDER;
     private static final Cleaner CLEANER;
     private static final int UNINITIALIZED_ARRAY_ALLOCATION_THRESHOLD;
     // For specifications, see https://www.freedesktop.org/software/systemd/man/os-release.html
@@ -133,23 +132,6 @@ public void freeDirectBuffer(ByteBuffer buffer) {
     };
 
     static {
-        if (javaVersion() >= 7) {
-            RANDOM_PROVIDER = new ThreadLocalRandomProvider() {
-                @Override
-                @SuppressJava6Requirement(reason = "Usage guarded by java version check")
-                public Random current() {
-                    return java.util.concurrent.ThreadLocalRandom.current();
-                }
-            };
-        } else {
-            RANDOM_PROVIDER = new ThreadLocalRandomProvider() {
-                @Override
-                public Random current() {
-                    return ThreadLocalRandom.current();
-                }
-            };
-        }
-
         // Here is how the system property is used:
         //
         // * <  0  - Don't use cleaner, and inherit max direct memory from java. In this case the
@@ -479,11 +461,7 @@ public static <K, V> ConcurrentMap<K, V> newConcurrentHashMap() {
      * Creates a new fastest {@link LongCounter} implementation for the current platform.
      */
     public static LongCounter newLongCounter() {
-        if (javaVersion() >= 8) {
-            return new LongAdderCounter();
-        } else {
-            return new AtomicLongCounter();
-        }
+        return new LongAdderCounter();
     }
 
     /**
@@ -1108,20 +1086,15 @@ public static ClassLoader getSystemClassLoader() {
     /**
      * Returns a new concurrent {@link Deque}.
      */
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     public static <C> Deque<C> newConcurrentDeque() {
-        if (javaVersion() < 7) {
-            return new LinkedBlockingDeque<C>();
-        } else {
-            return new ConcurrentLinkedDeque<C>();
-        }
+        return new ConcurrentLinkedDeque<C>();
     }
 
     /**
      * Return a {@link Random} which is not-threadsafe and so can only be used from the same thread.
      */
     public static Random threadLocalRandom() {
-        return RANDOM_PROVIDER.current();
+        return ThreadLocalRandom.current();
     }
 
     private static boolean isWindows0() {
@@ -1505,29 +1478,11 @@ public static Set<String> normalizedLinuxClassifiers() {
         return LINUX_OS_CLASSIFIERS;
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by version check")
     public static File createTempFile(String prefix, String suffix, File directory) throws IOException {
-        if (javaVersion() >= 7) {
-            if (directory == null) {
-                return Files.createTempFile(prefix, suffix).toFile();
-            }
-            return Files.createTempFile(directory.toPath(), prefix, suffix).toFile();
-        }
-        final File file;
         if (directory == null) {
-            file = File.createTempFile(prefix, suffix);
-        } else {
-            file = File.createTempFile(prefix, suffix, directory);
-        }
-
-        // Try to adjust the perms, if this fails there is not much else we can do...
-        if (!file.setReadable(false, false)) {
-            throw new IOException("Failed to set permissions on temporary file " + file);
-        }
-        if (!file.setReadable(true, true)) {
-            throw new IOException("Failed to set permissions on temporary file " + file);
+            return Files.createTempFile(prefix, suffix).toFile();
         }
-        return file;
+        return Files.createTempFile(directory.toPath(), prefix, suffix).toFile();
     }
 
     /**
diff --git a/common/src/main/java/io/netty/util/internal/PlatformDependent0.java b/common/src/main/java/io/netty/util/internal/PlatformDependent0.java
index 6ecb50b1858..e85e7c2f749 100644
--- a/common/src/main/java/io/netty/util/internal/PlatformDependent0.java
+++ b/common/src/main/java/io/netty/util/internal/PlatformDependent0.java
@@ -34,7 +34,6 @@
 /**
  * The {@link PlatformDependent} operations which requires access to {@code sun.misc.*}.
  */
-@SuppressJava6Requirement(reason = "Unsafe access is guarded")
 final class PlatformDependent0 {
 
     private static final InternalLogger logger = InternalLoggerFactory.getInstance(PlatformDependent0.class);
diff --git a/common/src/main/java/io/netty/util/internal/SocketUtils.java b/common/src/main/java/io/netty/util/internal/SocketUtils.java
index 7a13f73339b..8404477e0f8 100644
--- a/common/src/main/java/io/netty/util/internal/SocketUtils.java
+++ b/common/src/main/java/io/netty/util/internal/SocketUtils.java
@@ -96,7 +96,6 @@ public Boolean run() throws IOException {
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     public static void bind(final SocketChannel socketChannel, final SocketAddress address) throws IOException {
         try {
             AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
@@ -124,7 +123,6 @@ public SocketChannel run() throws IOException {
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     public static void bind(final DatagramChannel networkChannel, final SocketAddress address) throws IOException {
         try {
             AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
@@ -200,19 +198,11 @@ public Enumeration<InetAddress> run() {
         return addresses;
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     public static InetAddress loopbackAddress() {
         return AccessController.doPrivileged(new PrivilegedAction<InetAddress>() {
             @Override
             public InetAddress run() {
-                if (PlatformDependent.javaVersion() >= 7) {
-                    return InetAddress.getLoopbackAddress();
-                }
-                try {
-                    return InetAddress.getByName(null);
-                } catch (UnknownHostException e) {
-                    throw new IllegalStateException(e);
-                }
+                return InetAddress.getLoopbackAddress();
             }
         });
     }
diff --git a/common/src/main/java/io/netty/util/internal/SuppressJava6Requirement.java b/common/src/main/java/io/netty/util/internal/SuppressJava6Requirement.java
index 89db0a30975..574d12832d0 100644
--- a/common/src/main/java/io/netty/util/internal/SuppressJava6Requirement.java
+++ b/common/src/main/java/io/netty/util/internal/SuppressJava6Requirement.java
@@ -24,6 +24,7 @@
 /**
  * Annotation to suppress the Java 6 source code requirement checks for a method.
  */
+@Deprecated
 @Retention(RetentionPolicy.CLASS)
 @Target({ ElementType.METHOD, ElementType.CONSTRUCTOR, ElementType.TYPE })
 public @interface SuppressJava6Requirement {
diff --git a/common/src/main/java/io/netty/util/internal/SuppressJava8Requirement.java b/common/src/main/java/io/netty/util/internal/SuppressJava8Requirement.java
new file mode 100644
index 00000000000..4d02d081774
--- /dev/null
+++ b/common/src/main/java/io/netty/util/internal/SuppressJava8Requirement.java
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2024 The Netty Project
+ *
+ * The Netty Project licenses this file to you under the Apache License,
+ * version 2.0 (the "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at:
+ *
+ *   https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.netty.util.internal;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Annotation to suppress the Java 8 source code requirement checks for a method.
+ */
+@Retention(RetentionPolicy.CLASS)
+@Target({ ElementType.METHOD, ElementType.CONSTRUCTOR, ElementType.TYPE })
+public @interface SuppressJava8Requirement {
+
+    String reason();
+}
diff --git a/common/src/main/java/io/netty/util/internal/ThreadLocalRandom.java b/common/src/main/java/io/netty/util/internal/ThreadLocalRandom.java
index eafe0204eab..0013d723dfe 100644
--- a/common/src/main/java/io/netty/util/internal/ThreadLocalRandom.java
+++ b/common/src/main/java/io/netty/util/internal/ThreadLocalRandom.java
@@ -22,8 +22,6 @@
 
 package io.netty.util.internal;
 
-import static io.netty.util.internal.ObjectUtil.checkPositive;
-
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 
@@ -35,6 +33,8 @@
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicLong;
 
+import static io.netty.util.internal.ObjectUtil.checkPositive;
+
 /**
  * A random number generator isolated to the current thread.  Like the
  * global {@link java.util.Random} generator used by the {@link
@@ -59,6 +59,7 @@
  * //since 1.7
  * //author Doug Lea
  */
+@Deprecated
 @SuppressWarnings("all")
 public final class ThreadLocalRandom extends Random {
 
diff --git a/common/src/main/java/io/netty/util/internal/ThrowableUtil.java b/common/src/main/java/io/netty/util/internal/ThrowableUtil.java
index c33a19e5591..8a64b2789cb 100644
--- a/common/src/main/java/io/netty/util/internal/ThrowableUtil.java
+++ b/common/src/main/java/io/netty/util/internal/ThrowableUtil.java
@@ -54,15 +54,12 @@ public static String stackTraceToString(Throwable cause) {
         }
     }
 
+    @Deprecated
     public static boolean haveSuppressed() {
-        return PlatformDependent.javaVersion() >= 7;
+        return true;
     }
 
-    @SuppressJava6Requirement(reason = "Throwable addSuppressed is only available for >= 7. Has check for < 7.")
     public static void addSuppressed(Throwable target, Throwable suppressed) {
-        if (!haveSuppressed()) {
-            return;
-        }
         target.addSuppressed(suppressed);
     }
 
@@ -77,11 +74,7 @@ public static void addSuppressed(Throwable target, List<Throwable> suppressed) {
         }
     }
 
-    @SuppressJava6Requirement(reason = "Throwable getSuppressed is only available for >= 7. Has check for < 7.")
     public static Throwable[] getSuppressed(Throwable source) {
-        if (!haveSuppressed()) {
-            return EmptyArrays.EMPTY_THROWABLES;
-        }
         return source.getSuppressed();
     }
 }
diff --git a/common/src/test/java/io/netty/util/internal/NativeLibraryLoaderTest.java b/common/src/test/java/io/netty/util/internal/NativeLibraryLoaderTest.java
index 03b66f637b2..3f247434d29 100644
--- a/common/src/test/java/io/netty/util/internal/NativeLibraryLoaderTest.java
+++ b/common/src/test/java/io/netty/util/internal/NativeLibraryLoaderTest.java
@@ -46,9 +46,7 @@ void testFileNotFound() {
             fail();
         } catch (UnsatisfiedLinkError error) {
             assertTrue(error.getCause() instanceof FileNotFoundException);
-            if (PlatformDependent.javaVersion() >= 7) {
-                verifySuppressedException(error, UnsatisfiedLinkError.class);
-            }
+            verifySuppressedException(error, UnsatisfiedLinkError.class);
         }
     }
 
@@ -59,9 +57,7 @@ void testFileNotFoundWithNullClassLoader() {
             fail();
         } catch (UnsatisfiedLinkError error) {
             assertTrue(error.getCause() instanceof FileNotFoundException);
-            if (PlatformDependent.javaVersion() >= 7) {
-                verifySuppressedException(error, ClassNotFoundException.class);
-            }
+            verifySuppressedException(error, ClassNotFoundException.class);
         }
     }
 
@@ -110,7 +106,6 @@ void testSingleResourceInTheClassLoader() throws MalformedURLException {
         assertTrue(true);
     }
 
-    @SuppressJava6Requirement(reason = "uses Java 7+ Throwable#getSuppressed but is guarded by version checks")
     private static void verifySuppressedException(UnsatisfiedLinkError error,
             Class<?> expectedSuppressedExceptionClass) {
         try {
diff --git a/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslEngine.java
index 38d25772885..fbc6a768a77 100644
--- a/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslEngine.java
+++ b/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslEngine.java
@@ -15,14 +15,11 @@
  */
 package io.netty.handler.ssl;
 
-import io.netty.util.internal.SuppressJava6Requirement;
-
-import javax.net.ssl.SSLEngine;
 import java.util.List;
 import java.util.function.BiConsumer;
 import java.util.function.BiFunction;
+import javax.net.ssl.SSLEngine;
 
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 final class BouncyCastleAlpnSslEngine extends JdkAlpnSslEngine {
 
     BouncyCastleAlpnSslEngine(SSLEngine engine,
diff --git a/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslUtils.java b/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslUtils.java
index 50d4ab61572..3122e8a5db2 100644
--- a/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslUtils.java
+++ b/handler/src/main/java/io/netty/handler/ssl/BouncyCastleAlpnSslUtils.java
@@ -15,15 +15,11 @@
  */
 package io.netty.handler.ssl;
 
-
 import io.netty.util.internal.EmptyArrays;
 import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
 import java.lang.reflect.InvocationHandler;
 import java.lang.reflect.Method;
 import java.lang.reflect.Proxy;
@@ -31,10 +27,11 @@
 import java.security.PrivilegedExceptionAction;
 import java.util.List;
 import java.util.function.BiFunction;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
 
 import static io.netty.handler.ssl.SslUtils.getSSLContext;
 
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 final class BouncyCastleAlpnSslUtils {
     private static final InternalLogger logger = InternalLoggerFactory.getInstance(BouncyCastleAlpnSslUtils.class);
     private static final Method SET_PARAMETERS;
diff --git a/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java b/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java
index c5af3fd39a4..6ba16aea67c 100644
--- a/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java
+++ b/handler/src/main/java/io/netty/handler/ssl/Conscrypt.java
@@ -17,9 +17,9 @@
 
 import io.netty.util.internal.PlatformDependent;
 
-import javax.net.ssl.SSLEngine;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import javax.net.ssl.SSLEngine;
 
 /**
  * Contains methods that can be used to detect if conscrypt is usable.
@@ -32,10 +32,9 @@ final class Conscrypt {
     static {
         Method isConscryptSSLEngine = null;
 
-        if ((PlatformDependent.javaVersion() >= 8 &&
-                // Only works on Java14 and earlier for now
-                // See https://github.com/google/conscrypt/issues/838
-                PlatformDependent.javaVersion() < 15) || PlatformDependent.isAndroid()) {
+        // Only works on Java14 and earlier for now
+        // See https://github.com/google/conscrypt/issues/838
+        if (PlatformDependent.javaVersion() < 15 || PlatformDependent.isAndroid()) {
             try {
                 Class<?> providerClass = Class.forName("org.conscrypt.OpenSSLProvider", true,
                         PlatformDependent.getClassLoader(ConscryptAlpnSslEngine.class));
diff --git a/handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java b/handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java
index c2c3e9032a9..c250544b5d0 100644
--- a/handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java
+++ b/handler/src/main/java/io/netty/handler/ssl/EnhancingX509ExtendedTrustManager.java
@@ -16,23 +16,19 @@
 
 package io.netty.handler.ssl;
 
-import io.netty.util.internal.SuppressJava6Requirement;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.X509ExtendedTrustManager;
-import javax.net.ssl.X509TrustManager;
 import java.net.Socket;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.util.Collection;
 import java.util.List;
-
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedTrustManager;
+import javax.net.ssl.X509TrustManager;
 
 /**
  * Wraps an existing {@link X509ExtendedTrustManager} and enhances the {@link CertificateException} that is thrown
  * because of hostname validation.
  */
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 final class EnhancingX509ExtendedTrustManager extends X509ExtendedTrustManager {
     private final X509ExtendedTrustManager wrapped;
 
diff --git a/handler/src/main/java/io/netty/handler/ssl/ExtendedOpenSslSession.java b/handler/src/main/java/io/netty/handler/ssl/ExtendedOpenSslSession.java
index a0164268577..4364fdb8ca0 100644
--- a/handler/src/main/java/io/netty/handler/ssl/ExtendedOpenSslSession.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ExtendedOpenSslSession.java
@@ -16,25 +16,24 @@
 package io.netty.handler.ssl;
 
 import io.netty.util.internal.EmptyArrays;
-import io.netty.util.internal.SuppressJava6Requirement;
 
+import java.security.Principal;
+import java.security.cert.Certificate;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
 import javax.net.ssl.ExtendedSSLSession;
+import javax.net.ssl.SNIServerName;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSessionBindingEvent;
 import javax.net.ssl.SSLSessionBindingListener;
 import javax.security.cert.X509Certificate;
-import java.security.Principal;
-import java.security.cert.Certificate;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
 
 /**
  * Delegates all operations to a wrapped {@link OpenSslSession} except the methods defined by {@link ExtendedSSLSession}
  * itself.
  */
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 abstract class ExtendedOpenSslSession extends ExtendedSSLSession implements OpenSslSession {
 
     // TODO: use OpenSSL API to actually fetch the real data but for now just do what Conscrypt does:
@@ -52,10 +51,8 @@ abstract class ExtendedOpenSslSession extends ExtendedSSLSession implements Open
         this.wrapped = wrapped;
     }
 
-    // Use rawtypes an unchecked override to be able to also work on java7.
     @Override
-    @SuppressWarnings({ "unchecked", "rawtypes" })
-    public abstract List getRequestedServerNames();
+    public abstract List<SNIServerName> getRequestedServerNames();
 
     // Do not mark as override so we can compile on java8.
     public List<byte[]> getStatusResponses() {
diff --git a/handler/src/main/java/io/netty/handler/ssl/Java7SslParametersUtils.java b/handler/src/main/java/io/netty/handler/ssl/Java7SslParametersUtils.java
deleted file mode 100644
index 5a18dc56c26..00000000000
--- a/handler/src/main/java/io/netty/handler/ssl/Java7SslParametersUtils.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright 2014 The Netty Project
- *
- * The Netty Project licenses this file to you under the Apache License,
- * version 2.0 (the "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at:
- *
- *   https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-package io.netty.handler.ssl;
-
-import io.netty.util.internal.SuppressJava6Requirement;
-
-import javax.net.ssl.SSLParameters;
-import java.security.AlgorithmConstraints;
-
-final class Java7SslParametersUtils {
-
-    private Java7SslParametersUtils() {
-        // Utility
-    }
-
-    /**
-     * Utility method that is used by {@link OpenSslEngine} and so allow use not have any reference to
-     * {@link AlgorithmConstraints} in the code. This helps us to not get into trouble when using it in java
-     * version < 7 and especially when using on android.
-     */
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
-    static void setAlgorithmConstraints(SSLParameters sslParameters, Object algorithmConstraints) {
-        sslParameters.setAlgorithmConstraints((AlgorithmConstraints) algorithmConstraints);
-    }
-}
diff --git a/handler/src/main/java/io/netty/handler/ssl/Java8SslUtils.java b/handler/src/main/java/io/netty/handler/ssl/Java8SslUtils.java
deleted file mode 100644
index 4396ef4341f..00000000000
--- a/handler/src/main/java/io/netty/handler/ssl/Java8SslUtils.java
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * Copyright 2016 The Netty Project
- *
- * The Netty Project licenses this file to you under the Apache License,
- * version 2.0 (the "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at:
- *
- *   https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-package io.netty.handler.ssl;
-
-import io.netty.util.internal.SuppressJava6Requirement;
-import io.netty.util.CharsetUtil;
-
-import javax.net.ssl.SNIHostName;
-import javax.net.ssl.SNIMatcher;
-import javax.net.ssl.SNIServerName;
-import javax.net.ssl.SSLParameters;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.List;
-
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
-final class Java8SslUtils {
-
-    private Java8SslUtils() { }
-
-    static List<String> getSniHostNames(SSLParameters sslParameters) {
-        List<SNIServerName> names = sslParameters.getServerNames();
-        if (names == null || names.isEmpty()) {
-            return Collections.emptyList();
-        }
-        List<String> strings = new ArrayList<String>(names.size());
-
-        for (SNIServerName serverName : names) {
-            if (serverName instanceof SNIHostName) {
-                strings.add(((SNIHostName) serverName).getAsciiName());
-            } else {
-                throw new IllegalArgumentException("Only " + SNIHostName.class.getName()
-                        + " instances are supported, but found: " + serverName);
-            }
-        }
-        return strings;
-    }
-
-    static void setSniHostNames(SSLParameters sslParameters, List<String> names) {
-        sslParameters.setServerNames(getSniHostNames(names));
-    }
-
-    static boolean isValidHostNameForSNI(String hostname) {
-        try {
-            new SNIHostName(hostname);
-            return true;
-        } catch (IllegalArgumentException illegal) {
-            return false;
-        }
-    }
-
-    static List getSniHostNames(List<String> names) {
-        if (names == null || names.isEmpty()) {
-            return Collections.emptyList();
-        }
-        List<SNIServerName> sniServerNames = new ArrayList<SNIServerName>(names.size());
-        for (String name: names) {
-            sniServerNames.add(new SNIHostName(name.getBytes(CharsetUtil.UTF_8)));
-        }
-        return sniServerNames;
-    }
-
-    static List getSniHostName(byte[] hostname) {
-        if (hostname == null || hostname.length == 0) {
-            return Collections.emptyList();
-        }
-        return Collections.singletonList(new SNIHostName(hostname));
-    }
-
-    static boolean getUseCipherSuitesOrder(SSLParameters sslParameters) {
-        return sslParameters.getUseCipherSuitesOrder();
-    }
-
-    static void setUseCipherSuitesOrder(SSLParameters sslParameters, boolean useOrder) {
-        sslParameters.setUseCipherSuitesOrder(useOrder);
-    }
-
-    @SuppressWarnings("unchecked")
-    static void setSNIMatchers(SSLParameters sslParameters, Collection<?> matchers) {
-        sslParameters.setSNIMatchers((Collection<SNIMatcher>) matchers);
-    }
-
-    @SuppressWarnings("unchecked")
-    static boolean checkSniHostnameMatch(Collection<?> matchers, byte[] hostname) {
-        if (matchers != null && !matchers.isEmpty()) {
-            SNIHostName name = new SNIHostName(hostname);
-            Iterator<SNIMatcher> matcherIt = (Iterator<SNIMatcher>) matchers.iterator();
-            while (matcherIt.hasNext()) {
-                SNIMatcher matcher = matcherIt.next();
-                // type 0 is for hostname
-                if (matcher.getType() == 0 && matcher.matches(name)) {
-                    return true;
-                }
-            }
-            return false;
-        }
-        return true;
-    }
-}
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
index 08fdc36c26a..2f25a19e6a3 100644
--- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
@@ -16,23 +16,20 @@
 package io.netty.handler.ssl;
 
 import io.netty.util.internal.StringUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLEngineResult;
-import javax.net.ssl.SSLException;
 
 import java.nio.ByteBuffer;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.function.BiConsumer;
 import java.util.function.BiFunction;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLEngineResult;
+import javax.net.ssl.SSLException;
 
-import static io.netty.handler.ssl.SslUtils.toSSLHandshakeException;
 import static io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectionListener;
 import static io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
+import static io.netty.handler.ssl.SslUtils.toSSLHandshakeException;
 
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 class JdkAlpnSslEngine extends JdkSslEngine {
     private final ProtocolSelectionListener selectionListener;
     private final AlpnSelector alpnSelector;
@@ -189,18 +186,22 @@ public String getNegotiatedApplicationProtocol() {
 
     // These methods will override the methods defined by Java 8u251 and later. As we may compile with an earlier
     // java8 version we don't use @Override annotations here.
+    @SuppressWarnings("override")
     public String getApplicationProtocol() {
         return JdkAlpnSslUtils.getApplicationProtocol(getWrappedEngine());
     }
 
+    @SuppressWarnings("override")
     public String getHandshakeApplicationProtocol() {
         return JdkAlpnSslUtils.getHandshakeApplicationProtocol(getWrappedEngine());
     }
 
+    @SuppressWarnings("override")
     public void setHandshakeApplicationProtocolSelector(BiFunction<SSLEngine, List<String>, String> selector) {
         JdkAlpnSslUtils.setHandshakeApplicationProtocolSelector(getWrappedEngine(), selector);
     }
 
+    @SuppressWarnings("override")
     public BiFunction<SSLEngine, List<String>, String> getHandshakeApplicationProtocolSelector() {
         return JdkAlpnSslUtils.getHandshakeApplicationProtocolSelector(getWrappedEngine());
     }
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslUtils.java b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslUtils.java
index cc230ef7ba3..eb28c0f661a 100644
--- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslUtils.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslUtils.java
@@ -15,23 +15,20 @@
  */
 package io.netty.handler.ssl;
 
+import io.netty.util.internal.EmptyArrays;
+import io.netty.util.internal.PlatformDependent;
+import io.netty.util.internal.logging.InternalLogger;
+import io.netty.util.internal.logging.InternalLoggerFactory;
 
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLParameters;
 import java.lang.reflect.Method;
 import java.security.AccessController;
 import java.security.PrivilegedExceptionAction;
 import java.util.List;
 import java.util.function.BiFunction;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLParameters;
 
-import io.netty.util.internal.EmptyArrays;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
-import io.netty.util.internal.logging.InternalLogger;
-import io.netty.util.internal.logging.InternalLoggerFactory;
-
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 final class JdkAlpnSslUtils {
     private static final InternalLogger logger = InternalLoggerFactory.getInstance(JdkAlpnSslUtils.class);
     private static final Method SET_APPLICATION_PROTOCOLS;
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JdkSslEngine.java
index 8f7fa66af9e..d1f8163d657 100644
--- a/handler/src/main/java/io/netty/handler/ssl/JdkSslEngine.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkSslEngine.java
@@ -15,10 +15,7 @@
  */
 package io.netty.handler.ssl;
 
-import io.netty.util.internal.SuppressJava6Requirement;
-
 import java.nio.ByteBuffer;
-
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
 import javax.net.ssl.SSLEngineResult.HandshakeStatus;
@@ -147,7 +144,6 @@ public void setEnabledProtocols(String[] strings) {
         engine.setEnabledProtocols(strings);
     }
 
-    @SuppressJava6Requirement(reason = "Can only be called when running on JDK7+")
     @Override
     public SSLSession getHandshakeSession() {
         return engine.getHandshakeSession();
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkSslServerContext.java b/handler/src/main/java/io/netty/handler/ssl/JdkSslServerContext.java
index ca2bec16957..5d2f70b36e4 100644
--- a/handler/src/main/java/io/netty/handler/ssl/JdkSslServerContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkSslServerContext.java
@@ -17,20 +17,23 @@
 package io.netty.handler.ssl;
 
 import io.netty.util.CharsetUtil;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 
 import java.io.ByteArrayInputStream;
+import java.io.File;
 import java.io.IOException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.KeyException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
 import java.security.Provider;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.security.spec.InvalidKeySpecException;
 import javax.crypto.NoSuchPaddingException;
 import javax.net.ssl.KeyManager;
-
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLException;
@@ -38,12 +41,6 @@
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509ExtendedTrustManager;
-import java.io.File;
-import java.security.PrivateKey;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.security.spec.InvalidKeySpecException;
 
 import static io.netty.handler.ssl.SslUtils.PROBING_CERT;
 import static io.netty.handler.ssl.SslUtils.PROBING_KEY;
@@ -60,20 +57,17 @@ public final class JdkSslServerContext extends JdkSslContext {
     private static final boolean WRAP_TRUST_MANAGER;
     static {
         boolean wrapTrustManager = false;
-        if (PlatformDependent.javaVersion() >= 7) {
-            try {
-                checkIfWrappingTrustManagerIsSupported();
-                wrapTrustManager = true;
-            } catch (Throwable ignore) {
-                // Just don't wrap as we might not be able to do so because of FIPS:
-                // See https://github.com/netty/netty/issues/13840
-            }
+        try {
+            checkIfWrappingTrustManagerIsSupported();
+            wrapTrustManager = true;
+        } catch (Throwable ignore) {
+            // Just don't wrap as we might not be able to do so because of FIPS:
+            // See https://github.com/netty/netty/issues/13840
         }
         WRAP_TRUST_MANAGER = wrapTrustManager;
     }
 
     // Package-private for testing.
-    @SuppressJava6Requirement(reason = "Guarded by java version check")
     static void checkIfWrappingTrustManagerIsSupported() throws CertificateException,
             InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchAlgorithmException,
             InvalidKeySpecException, IOException, KeyException, KeyStoreException, UnrecoverableKeyException {
@@ -351,9 +345,8 @@ private static SSLContext newSSLContext(Provider sslContextProvider, X509Certifi
         }
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by java version check")
     private static TrustManager[] wrapTrustManagerIfNeeded(TrustManager[] trustManagers) {
-        if (WRAP_TRUST_MANAGER && PlatformDependent.javaVersion() >= 7) {
+        if (WRAP_TRUST_MANAGER) {
             for (int i = 0; i < trustManagers.length; i++) {
                 TrustManager tm = trustManagers[i];
                 if (tm instanceof X509ExtendedTrustManager) {
diff --git a/handler/src/main/java/io/netty/handler/ssl/JettyAlpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JettyAlpnSslEngine.java
index c8f03f99639..f98cbe4e9a3 100644
--- a/handler/src/main/java/io/netty/handler/ssl/JettyAlpnSslEngine.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JettyAlpnSslEngine.java
@@ -15,20 +15,18 @@
  */
 package io.netty.handler.ssl;
 
-import static io.netty.handler.ssl.SslUtils.toSSLHandshakeException;
-import static io.netty.util.internal.ObjectUtil.checkNotNull;
-
 import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectionListener;
 import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
+import io.netty.util.internal.PlatformDependent;
+import org.eclipse.jetty.alpn.ALPN;
 
 import java.util.LinkedHashSet;
 import java.util.List;
-
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLException;
 
-import io.netty.util.internal.PlatformDependent;
-import org.eclipse.jetty.alpn.ALPN;
+import static io.netty.handler.ssl.SslUtils.toSSLHandshakeException;
+import static io.netty.util.internal.ObjectUtil.checkNotNull;
 
 abstract class JettyAlpnSslEngine extends JdkSslEngine {
     private static final boolean available = initAvailable();
@@ -38,7 +36,7 @@ static boolean isAvailable() {
     }
 
     private static boolean initAvailable() {
-        if (PlatformDependent.javaVersion() <= 8) {
+        if (PlatformDependent.javaVersion() == 8) {
             try {
                 // Always use bootstrap class loader.
                 Class.forName("sun.security.ssl.ALPNExtension", true, null);
diff --git a/handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java b/handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java
index 8851db1aa82..8603747d09a 100644
--- a/handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java
+++ b/handler/src/main/java/io/netty/handler/ssl/OpenSslX509TrustManagerWrapper.java
@@ -17,14 +17,9 @@
 
 import io.netty.util.internal.EmptyArrays;
 import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509ExtendedTrustManager;
-import javax.net.ssl.X509TrustManager;
 import java.lang.reflect.Field;
 import java.security.AccessController;
 import java.security.KeyManagementException;
@@ -33,15 +28,18 @@
 import java.security.PrivilegedAction;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509ExtendedTrustManager;
+import javax.net.ssl.X509TrustManager;
 
 /**
  * Utility which allows to wrap {@link X509TrustManager} implementations with the internal implementation used by
  * {@code SSLContextImpl} that provides extended verification.
- *
+ * <p>
  * This is really a "hack" until there is an official API as requested on the in
  * <a href="https://bugs.openjdk.java.net/projects/JDK/issues/JDK-8210843">JDK-8210843</a>.
  */
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 final class OpenSslX509TrustManagerWrapper {
     private static final InternalLogger LOGGER = InternalLoggerFactory
             .getInstance(OpenSslX509TrustManagerWrapper.class);
@@ -168,7 +166,6 @@ private static final class UnsafeTrustManagerWrapper implements TrustManagerWrap
             this.tmOffset = tmOffset;
         }
 
-        @SuppressJava6Requirement(reason = "Usage guarded by java version check")
         @Override
         public X509TrustManager wrapIfNeeded(X509TrustManager manager) {
             if (!(manager instanceof X509ExtendedTrustManager)) {
diff --git a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslClientContext.java b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslClientContext.java
index 2609489b327..46b8c510564 100644
--- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslClientContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslClientContext.java
@@ -16,22 +16,19 @@
 package io.netty.handler.ssl;
 
 import io.netty.internal.tcnative.CertificateCallback;
-import io.netty.util.internal.EmptyArrays;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.internal.tcnative.SSL;
 import io.netty.internal.tcnative.SSLContext;
+import io.netty.util.internal.EmptyArrays;
 
 import java.security.KeyStore;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
-
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
-
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.TrustManagerFactory;
@@ -188,7 +185,6 @@ static OpenSslSessionContext newSessionContext(ReferenceCountedOpenSslContext th
         }
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by java version check")
     private static void setVerifyCallback(long ctx, OpenSslEngineMap engineMap, X509TrustManager manager) {
         // Use this to prevent an error when running on java < 7
         if (useExtendedTrustManager(manager)) {
@@ -220,7 +216,6 @@ void verify(ReferenceCountedOpenSslEngine engine, X509Certificate[] peerCerts, S
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     private static final class ExtendedTrustManagerVerifyCallback extends AbstractCertificateVerifier {
         private final X509ExtendedTrustManager manager;
 
diff --git a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslContext.java b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslContext.java
index c18f76c60f3..079687f42b3 100644
--- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslContext.java
@@ -35,7 +35,6 @@
 import io.netty.util.internal.EmptyArrays;
 import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.StringUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.SystemPropertyUtil;
 import io.netty.util.internal.UnstableApi;
 import io.netty.util.internal.logging.InternalLogger;
@@ -58,7 +57,6 @@
 import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReadWriteLock;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
-
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLEngine;
@@ -71,8 +69,8 @@
 
 import static io.netty.handler.ssl.OpenSsl.DEFAULT_CIPHERS;
 import static io.netty.handler.ssl.OpenSsl.availableJavaCipherSuites;
-import static io.netty.util.internal.ObjectUtil.checkNotNull;
 import static io.netty.util.internal.ObjectUtil.checkNonEmpty;
+import static io.netty.util.internal.ObjectUtil.checkNotNull;
 import static io.netty.util.internal.ObjectUtil.checkPositiveOrZero;
 
 /**
@@ -666,14 +664,11 @@ protected static X509Certificate[] certificates(byte[][] chain) {
     protected static X509TrustManager chooseTrustManager(TrustManager[] managers) {
         for (TrustManager m : managers) {
             if (m instanceof X509TrustManager) {
-                X509TrustManager tm = (X509TrustManager) m;
-                if (PlatformDependent.javaVersion() >= 7) {
-                    tm = OpenSslX509TrustManagerWrapper.wrapIfNeeded((X509TrustManager) m);
-                    if (useExtendedTrustManager(tm)) {
-                        // Wrap the TrustManager to provide a better exception message for users to debug hostname
-                        // validation failures.
-                        tm = new EnhancingX509ExtendedTrustManager(tm);
-                    }
+                X509TrustManager tm = OpenSslX509TrustManagerWrapper.wrapIfNeeded((X509TrustManager) m);
+                if (useExtendedTrustManager(tm)) {
+                    // Wrap the TrustManager to provide a better exception message for users to debug hostname
+                    // validation failures.
+                    tm = new EnhancingX509ExtendedTrustManager(tm);
                 }
                 return tm;
             }
@@ -734,9 +729,8 @@ static OpenSslApplicationProtocolNegotiator toNegotiator(ApplicationProtocolConf
         }
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by java version check")
     static boolean useExtendedTrustManager(X509TrustManager trustManager) {
-        return PlatformDependent.javaVersion() >= 7 && trustManager instanceof X509ExtendedTrustManager;
+        return trustManager instanceof X509ExtendedTrustManager;
     }
 
     @Override
@@ -812,16 +806,10 @@ public final int verify(long ssl, byte[][] chain, String auth) {
                 if (cause instanceof CertificateNotYetValidException) {
                     return CertificateVerifier.X509_V_ERR_CERT_NOT_YET_VALID;
                 }
-                if (PlatformDependent.javaVersion() >= 7) {
-                    return translateToError(cause);
-                }
-
-                // Could not detect a specific error code to use, so fallback to a default code.
-                return CertificateVerifier.X509_V_ERR_UNSPECIFIED;
+                return translateToError(cause);
             }
         }
 
-        @SuppressJava6Requirement(reason = "Usage guarded by java version check")
         private static int translateToError(Throwable cause) {
             if (cause instanceof CertificateRevokedException) {
                 return CertificateVerifier.X509_V_ERR_CERT_REVOKED;
diff --git a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java
index 3e32f9cffa7..6e268271179 100644
--- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java
@@ -31,7 +31,6 @@
 import io.netty.util.internal.EmptyArrays;
 import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.StringUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.ThrowableUtil;
 import io.netty.util.internal.UnstableApi;
 import io.netty.util.internal.logging.InternalLogger;
@@ -39,8 +38,10 @@
 
 import java.nio.ByteBuffer;
 import java.nio.ReadOnlyBufferException;
+import java.security.AlgorithmConstraints;
 import java.security.Principal;
 import java.security.cert.Certificate;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
@@ -51,8 +52,10 @@
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.locks.Lock;
-
 import javax.crypto.spec.SecretKeySpec;
+import javax.net.ssl.SNIHostName;
+import javax.net.ssl.SNIMatcher;
+import javax.net.ssl.SNIServerName;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
 import javax.net.ssl.SSLException;
@@ -190,9 +193,8 @@ protected void deallocate() {
     private Object algorithmConstraints;
     private List<String> sniHostNames;
 
-    // Mark as volatile as accessed by checkSniHostnameMatch(...) and also not specify the SNIMatcher type to allow us
-    // using it with java7.
-    private volatile Collection<?> matchers;
+    // Mark as volatile as accessed by checkSniHostnameMatch(...).
+    private volatile Collection<SNIMatcher> matchers;
 
     // SSL Engine status variables
     private boolean isInboundDone;
@@ -235,82 +237,79 @@ protected void deallocate() {
         apn = (OpenSslApplicationProtocolNegotiator) context.applicationProtocolNegotiator();
         clientMode = context.isClient();
 
-        if (PlatformDependent.javaVersion() >= 7) {
-            session = new ExtendedOpenSslSession(new DefaultOpenSslSession(context.sessionContext())) {
-                private String[] peerSupportedSignatureAlgorithms;
-                private List requestedServerNames;
+        session = new ExtendedOpenSslSession(new DefaultOpenSslSession(context.sessionContext())) {
+            private String[] peerSupportedSignatureAlgorithms;
+            private List<SNIServerName> requestedServerNames;
 
-                @Override
-                public List getRequestedServerNames() {
-                    if (clientMode) {
-                        return Java8SslUtils.getSniHostNames(sniHostNames);
-                    } else {
-                        synchronized (ReferenceCountedOpenSslEngine.this) {
-                            if (requestedServerNames == null) {
-                                if (isDestroyed()) {
+            @Override
+            public List<SNIServerName> getRequestedServerNames() {
+                if (clientMode) {
+                    return getSniHostNames(sniHostNames);
+                } else {
+                    synchronized (ReferenceCountedOpenSslEngine.this) {
+                        if (requestedServerNames == null) {
+                            if (isDestroyed()) {
+                                requestedServerNames = Collections.emptyList();
+                            } else {
+                                String name = SSL.getSniHostname(ssl);
+                                if (name == null) {
                                     requestedServerNames = Collections.emptyList();
                                 } else {
-                                    String name = SSL.getSniHostname(ssl);
-                                    if (name == null) {
-                                        requestedServerNames = Collections.emptyList();
-                                    } else {
-                                        // Convert to bytes as we do not want to do any strict validation of the
-                                        // SNIHostName while creating it.
-                                        requestedServerNames =
-                                                Java8SslUtils.getSniHostName(
-                                                        SSL.getSniHostname(ssl).getBytes(CharsetUtil.UTF_8));
-                                    }
+                                    // Convert to bytes as we do not want to do any strict validation of the
+                                    // SNIHostName while creating it.
+                                    byte[] hostname = SSL.getSniHostname(ssl).getBytes(CharsetUtil.UTF_8);
+                                    requestedServerNames = hostname == null || hostname.length == 0 ?
+                                            Collections.emptyList() :
+                                                    Collections.singletonList(new SNIHostName(hostname));
                                 }
                             }
-                            return requestedServerNames;
                         }
+                        return requestedServerNames;
                     }
                 }
+            }
 
-                @Override
-                public String[] getPeerSupportedSignatureAlgorithms() {
-                    synchronized (ReferenceCountedOpenSslEngine.this) {
-                        if (peerSupportedSignatureAlgorithms == null) {
-                            if (isDestroyed()) {
+            @Override
+            public String[] getPeerSupportedSignatureAlgorithms() {
+                synchronized (ReferenceCountedOpenSslEngine.this) {
+                    if (peerSupportedSignatureAlgorithms == null) {
+                        if (isDestroyed()) {
+                            peerSupportedSignatureAlgorithms = EMPTY_STRINGS;
+                        } else {
+                            String[] algs = SSL.getSigAlgs(ssl);
+                            if (algs == null) {
                                 peerSupportedSignatureAlgorithms = EMPTY_STRINGS;
                             } else {
-                                String[] algs = SSL.getSigAlgs(ssl);
-                                if (algs == null) {
-                                    peerSupportedSignatureAlgorithms = EMPTY_STRINGS;
-                                } else {
-                                    Set<String> algorithmList = new LinkedHashSet<String>(algs.length);
-                                    for (String alg: algs) {
-                                        String converted = SignatureAlgorithmConverter.toJavaName(alg);
+                                Set<String> algorithmList = new LinkedHashSet<String>(algs.length);
+                                for (String alg: algs) {
+                                    String converted = SignatureAlgorithmConverter.toJavaName(alg);
 
-                                        if (converted != null) {
-                                            algorithmList.add(converted);
-                                        }
+                                    if (converted != null) {
+                                        algorithmList.add(converted);
                                     }
-                                    peerSupportedSignatureAlgorithms = algorithmList.toArray(EMPTY_STRINGS);
                                 }
+                                peerSupportedSignatureAlgorithms = algorithmList.toArray(EMPTY_STRINGS);
                             }
                         }
-                        return peerSupportedSignatureAlgorithms.clone();
                     }
+                    return peerSupportedSignatureAlgorithms.clone();
                 }
+            }
 
-                @Override
-                public List<byte[]> getStatusResponses() {
-                    byte[] ocspResponse = null;
-                    if (enableOcsp && clientMode) {
-                        synchronized (ReferenceCountedOpenSslEngine.this) {
-                            if (!isDestroyed()) {
-                                ocspResponse = SSL.getOcspResponse(ssl);
-                            }
+            @Override
+            public List<byte[]> getStatusResponses() {
+                byte[] ocspResponse = null;
+                if (enableOcsp && clientMode) {
+                    synchronized (ReferenceCountedOpenSslEngine.this) {
+                        if (!isDestroyed()) {
+                            ocspResponse = SSL.getOcspResponse(ssl);
                         }
                     }
-                    return ocspResponse == null ?
-                            Collections.<byte[]>emptyList() : Collections.singletonList(ocspResponse);
                 }
-            };
-        } else {
-            session = new DefaultOpenSslSession(context.sessionContext());
-        }
+                return ocspResponse == null ?
+                        Collections.<byte[]>emptyList() : Collections.singletonList(ocspResponse);
+            }
+        };
 
         if (!context.sessionContext().useKeyManager()) {
             session.setLocalCertificate(context.keyCertChain);
@@ -341,14 +340,8 @@ public List<byte[]> getStatusResponses() {
                 // Use SNI if peerHost was specified and a valid hostname
                 // See https://github.com/netty/netty/issues/4746
                 if (clientMode && SslUtils.isValidHostNameForSNI(peerHost)) {
-                    // If on java8 and later we should do some extra validation to ensure we can construct the
-                    // SNIHostName later again.
-                    if (PlatformDependent.javaVersion() >= 8) {
-                        if (Java8SslUtils.isValidHostNameForSNI(peerHost)) {
-                            SSL.setTlsExtHostName(ssl, peerHost);
-                            sniHostNames = Collections.singletonList(peerHost);
-                        }
-                    } else {
+                    // We do some extra validation to ensure we can construct the SNIHostName later again.
+                    if (isValidHostNameForSNI(peerHost)) {
                         SSL.setTlsExtHostName(ssl, peerHost);
                         sniHostNames = Collections.singletonList(peerHost);
                     }
@@ -406,6 +399,15 @@ public List<byte[]> getStatusResponses() {
         leak = leakDetection ? leakDetector.track(this) : null;
     }
 
+    private static boolean isValidHostNameForSNI(String hostname) {
+        try {
+            new SNIHostName(hostname);
+            return true;
+        } catch (IllegalArgumentException illegal) {
+            return false;
+        }
+    }
+
     final synchronized String[] authMethods() {
         if (isDestroyed()) {
             return EMPTY_STRINGS;
@@ -2181,72 +2183,88 @@ public final boolean getEnableSessionCreation() {
         return false;
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     @Override
     public final synchronized SSLParameters getSSLParameters() {
         SSLParameters sslParameters = super.getSSLParameters();
 
-        int version = PlatformDependent.javaVersion();
-        if (version >= 7) {
-            sslParameters.setEndpointIdentificationAlgorithm(endPointIdentificationAlgorithm);
-            Java7SslParametersUtils.setAlgorithmConstraints(sslParameters, algorithmConstraints);
-            if (version >= 8) {
-                if (sniHostNames != null) {
-                    Java8SslUtils.setSniHostNames(sslParameters, sniHostNames);
-                }
-                if (!isDestroyed()) {
-                    Java8SslUtils.setUseCipherSuitesOrder(
-                            sslParameters, (SSL.getOptions(ssl) & SSL.SSL_OP_CIPHER_SERVER_PREFERENCE) != 0);
-                }
-
-                Java8SslUtils.setSNIMatchers(sslParameters, matchers);
-            }
+        sslParameters.setEndpointIdentificationAlgorithm(endPointIdentificationAlgorithm);
+        sslParameters.setAlgorithmConstraints((AlgorithmConstraints) algorithmConstraints);
+        if (sniHostNames != null) {
+            sslParameters.setServerNames(getSniHostNames(sniHostNames));
+        }
+        if (!isDestroyed()) {
+            sslParameters.setUseCipherSuitesOrder((SSL.getOptions(ssl) & SSL.SSL_OP_CIPHER_SERVER_PREFERENCE) != 0);
         }
+
+        sslParameters.setSNIMatchers(matchers);
         return sslParameters;
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
+    private static List<SNIServerName> getSniHostNames(List<String> names) {
+        if (names == null || names.isEmpty()) {
+            return Collections.emptyList();
+        }
+        List<SNIServerName> sniServerNames = new ArrayList<SNIServerName>(names.size());
+        for (String name: names) {
+            sniServerNames.add(new SNIHostName(name.getBytes(CharsetUtil.UTF_8)));
+        }
+        return sniServerNames;
+    }
+
     @Override
     public final synchronized void setSSLParameters(SSLParameters sslParameters) {
-        int version = PlatformDependent.javaVersion();
-        if (version >= 7) {
-            if (sslParameters.getAlgorithmConstraints() != null) {
-                throw new IllegalArgumentException("AlgorithmConstraints are not supported.");
-            }
+        if (sslParameters.getAlgorithmConstraints() != null) {
+            throw new IllegalArgumentException("AlgorithmConstraints are not supported.");
+        }
 
-            boolean isDestroyed = isDestroyed();
-            if (version >= 8) {
-                if (!isDestroyed) {
-                    if (clientMode) {
-                        final List<String> sniHostNames = Java8SslUtils.getSniHostNames(sslParameters);
-                        for (String name: sniHostNames) {
-                            SSL.setTlsExtHostName(ssl, name);
-                        }
-                        this.sniHostNames = sniHostNames;
-                    }
-                    if (Java8SslUtils.getUseCipherSuitesOrder(sslParameters)) {
-                        SSL.setOptions(ssl, SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
-                    } else {
-                        SSL.clearOptions(ssl, SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
-                    }
+        boolean isDestroyed = isDestroyed();
+        if (!isDestroyed) {
+            if (clientMode) {
+                final List<String> sniHostNames = getSniHostNames(sslParameters);
+                for (String name: sniHostNames) {
+                    SSL.setTlsExtHostName(ssl, name);
                 }
-                matchers = sslParameters.getSNIMatchers();
+                this.sniHostNames = sniHostNames;
             }
+            if (sslParameters.getUseCipherSuitesOrder()) {
+                SSL.setOptions(ssl, SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
+            } else {
+                SSL.clearOptions(ssl, SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
+            }
+        }
+        matchers = sslParameters.getSNIMatchers();
 
-            final String endPointIdentificationAlgorithm = sslParameters.getEndpointIdentificationAlgorithm();
-            if (!isDestroyed) {
-                // If the user asks for hostname verification we must ensure we verify the peer.
-                // If the user disables hostname verification we leave it up to the user to change the mode manually.
-                if (clientMode && isEndPointVerificationEnabled(endPointIdentificationAlgorithm)) {
-                    SSL.setVerify(ssl, SSL.SSL_CVERIFY_REQUIRED, -1);
-                }
+        final String endPointIdentificationAlgorithm = sslParameters.getEndpointIdentificationAlgorithm();
+        if (!isDestroyed) {
+            // If the user asks for hostname verification we must ensure we verify the peer.
+            // If the user disables hostname verification we leave it up to the user to change the mode manually.
+            if (clientMode && isEndPointVerificationEnabled(endPointIdentificationAlgorithm)) {
+                SSL.setVerify(ssl, SSL.SSL_CVERIFY_REQUIRED, -1);
             }
-            this.endPointIdentificationAlgorithm = endPointIdentificationAlgorithm;
-            algorithmConstraints = sslParameters.getAlgorithmConstraints();
         }
+        this.endPointIdentificationAlgorithm = endPointIdentificationAlgorithm;
+        algorithmConstraints = sslParameters.getAlgorithmConstraints();
         super.setSSLParameters(sslParameters);
     }
 
+    private static List<String> getSniHostNames(SSLParameters sslParameters) {
+        List<SNIServerName> names = sslParameters.getServerNames();
+        if (names == null || names.isEmpty()) {
+            return Collections.emptyList();
+        }
+        List<String> strings = new ArrayList<String>(names.size());
+
+        for (SNIServerName serverName : names) {
+            if (serverName instanceof SNIHostName) {
+                strings.add(((SNIHostName) serverName).getAsciiName());
+            } else {
+                throw new IllegalArgumentException("Only " + SNIHostName.class.getName()
+                        + " instances are supported, but found: " + serverName);
+            }
+        }
+        return strings;
+    }
+
     private static boolean isEndPointVerificationEnabled(String endPointIdentificationAlgorithm) {
         return endPointIdentificationAlgorithm != null && !endPointIdentificationAlgorithm.isEmpty();
     }
@@ -2256,7 +2274,18 @@ private boolean isDestroyed() {
     }
 
     final boolean checkSniHostnameMatch(byte[] hostname) {
-        return Java8SslUtils.checkSniHostnameMatch(matchers, hostname);
+        Collection<SNIMatcher> matchers = this.matchers;
+        if (matchers != null && !matchers.isEmpty()) {
+            SNIHostName name = new SNIHostName(hostname);
+            for (SNIMatcher matcher : matchers) {
+                // type 0 is for hostname
+                if (matcher.getType() == 0 && matcher.matches(name)) {
+                    return true;
+                }
+            }
+            return false;
+        }
+        return true;
     }
 
     @Override
@@ -2287,14 +2316,14 @@ private void selectApplicationProtocol() throws SSLException {
             case ALPN:
                 applicationProtocol = SSL.getAlpnSelected(ssl);
                 if (applicationProtocol != null) {
-                    ReferenceCountedOpenSslEngine.this.applicationProtocol = selectApplicationProtocol(
+                    this.applicationProtocol = selectApplicationProtocol(
                             protocols, behavior, applicationProtocol);
                 }
                 break;
             case NPN:
                 applicationProtocol = SSL.getNextProtoNegotiated(ssl);
                 if (applicationProtocol != null) {
-                    ReferenceCountedOpenSslEngine.this.applicationProtocol = selectApplicationProtocol(
+                    this.applicationProtocol = selectApplicationProtocol(
                             protocols, behavior, applicationProtocol);
                 }
                 break;
@@ -2304,7 +2333,7 @@ private void selectApplicationProtocol() throws SSLException {
                     applicationProtocol = SSL.getNextProtoNegotiated(ssl);
                 }
                 if (applicationProtocol != null) {
-                    ReferenceCountedOpenSslEngine.this.applicationProtocol = selectApplicationProtocol(
+                    this.applicationProtocol = selectApplicationProtocol(
                             protocols, behavior, applicationProtocol);
                 }
                 break;
@@ -2313,9 +2342,9 @@ private void selectApplicationProtocol() throws SSLException {
         }
     }
 
-    private String selectApplicationProtocol(List<String> protocols,
-                                             ApplicationProtocolConfig.SelectedListenerFailureBehavior behavior,
-                                             String applicationProtocol) throws SSLException {
+    private static String selectApplicationProtocol(List<String> protocols,
+                                                    ApplicationProtocolConfig.SelectedListenerFailureBehavior behavior,
+                                                    String applicationProtocol) throws SSLException {
         if (behavior == ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT) {
             return applicationProtocol;
         } else {
diff --git a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslServerContext.java b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslServerContext.java
index 07e0a5de17f..89768c30741 100644
--- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslServerContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslServerContext.java
@@ -21,8 +21,6 @@
 import io.netty.internal.tcnative.SSLContext;
 import io.netty.internal.tcnative.SniHostNameMatcher;
 import io.netty.util.CharsetUtil;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 
@@ -170,13 +168,10 @@ static OpenSslServerSessionContext newSessionContext(ReferenceCountedOpenSslCont
                     }
                 }
 
-                if (PlatformDependent.javaVersion() >= 8) {
-                    // Only do on Java8+ as SNIMatcher is not supported in earlier releases.
-                    // IMPORTANT: The callbacks set for hostname matching must be static to prevent memory leak as
-                    //            otherwise the context can never be collected. This is because the JNI code holds
-                    //            a global reference to the matcher.
-                    SSLContext.setSniHostnameMatcher(ctx, new OpenSslSniHostnameMatcher(engineMap));
-                }
+                // IMPORTANT: The callbacks set for hostname matching must be static to prevent memory leak as
+                //            otherwise the context can never be collected. This is because the JNI code holds
+                //            a global reference to the matcher.
+                SSLContext.setSniHostnameMatcher(ctx, new OpenSslSniHostnameMatcher(engineMap));
             } catch (SSLException e) {
                 throw e;
             } catch (Exception e) {
@@ -204,7 +199,6 @@ static OpenSslServerSessionContext newSessionContext(ReferenceCountedOpenSslCont
         }
     }
 
-    @SuppressJava6Requirement(reason = "Guarded by java version check")
     private static void setVerifyCallback(long ctx, OpenSslEngineMap engineMap, X509TrustManager manager) {
         // Use this to prevent an error when running on java < 7
         if (useExtendedTrustManager(manager)) {
@@ -261,7 +255,6 @@ void verify(ReferenceCountedOpenSslEngine engine, X509Certificate[] peerCerts, S
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     private static final class ExtendedTrustManagerVerifyCallback extends AbstractCertificateVerifier {
         private final X509ExtendedTrustManager manager;
 
diff --git a/handler/src/main/java/io/netty/handler/ssl/SslContext.java b/handler/src/main/java/io/netty/handler/ssl/SslContext.java
index a74b18a693c..7706c1d5a4c 100644
--- a/handler/src/main/java/io/netty/handler/ssl/SslContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslContext.java
@@ -27,25 +27,8 @@
 import io.netty.util.AttributeMap;
 import io.netty.util.DefaultAttributeMap;
 import io.netty.util.internal.EmptyArrays;
-import io.netty.util.internal.PlatformDependent;
 
 import java.io.BufferedInputStream;
-import java.security.Provider;
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
-import javax.crypto.Cipher;
-import javax.crypto.EncryptedPrivateKeyInfo;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLSessionContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-
 import java.io.File;
 import java.io.IOException;
 import java.io.InputStream;
@@ -58,6 +41,7 @@
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.Provider;
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -67,6 +51,20 @@
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.Executor;
+import javax.crypto.Cipher;
+import javax.crypto.EncryptedPrivateKeyInfo;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSessionContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
 
 /**
  * A secure socket protocol implementation which acts as a factory for {@link SSLEngine} and {@link SslHandler}.
@@ -1101,8 +1099,7 @@ private static String getPBEAlgorithm(EncryptedPrivateKeyInfo encryptedPrivateKe
         String algName = encryptedPrivateKeyInfo.getAlgName();
         // Java 8 ~ 16 returns OID_PKCS5_PBES2
         // Java 17+ returns PBES2
-        if (PlatformDependent.javaVersion() >= 8 && parameters != null &&
-                (OID_PKCS5_PBES2.equals(algName) || PBES2.equals(algName))) {
+        if (parameters != null && (OID_PKCS5_PBES2.equals(algName) || PBES2.equals(algName))) {
             /*
              * This should be "PBEWith<prf>And<encryption>".
              * Relying on the toString() implementation is potentially
diff --git a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
index f439173a8c1..d0f05268ea2 100644
--- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
@@ -63,7 +63,6 @@
 import java.util.concurrent.RejectedExecutionException;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Pattern;
-
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
 import javax.net.ssl.SSLEngineResult.HandshakeStatus;
@@ -1247,7 +1246,7 @@ private boolean ignoreException(Throwable t) {
                 }
 
                 try {
-                    // No match by now.. Try to load the class via classloader and inspect it.
+                    // No match by now. Try to load the class via classloader and inspect it.
                     // This is mainly done as other JDK implementations may differ in name of
                     // the impl.
                     Class<?> clazz = PlatformDependent.getClassLoader(getClass()).loadClass(classname);
@@ -1258,8 +1257,7 @@ private boolean ignoreException(Throwable t) {
                     }
 
                     // also match against SctpChannel via String matching as it may not present.
-                    if (PlatformDependent.javaVersion() >= 7
-                            && "com.sun.nio.sctp.SctpChannel".equals(clazz.getSuperclass().getName())) {
+                    if ("com.sun.nio.sctp.SctpChannel".equals(clazz.getSuperclass().getName())) {
                         return true;
                     }
                 } catch (Throwable cause) {
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/LazyX509Certificate.java b/handler/src/main/java/io/netty/handler/ssl/util/LazyX509Certificate.java
index b502f8cc3e2..4d3704d8485 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/LazyX509Certificate.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/LazyX509Certificate.java
@@ -16,9 +16,7 @@
 package io.netty.handler.ssl.util;
 
 import io.netty.util.internal.ObjectUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
 
-import javax.security.auth.x500.X500Principal;
 import java.io.ByteArrayInputStream;
 import java.math.BigInteger;
 import java.security.InvalidKeyException;
@@ -39,6 +37,7 @@
 import java.util.Date;
 import java.util.List;
 import java.util.Set;
+import javax.security.auth.x500.X500Principal;
 
 public final class LazyX509Certificate extends X509Certificate {
 
@@ -96,8 +95,7 @@ public Collection<List<?>> getIssuerAlternativeNames() throws CertificateParsing
         return unwrap().getIssuerAlternativeNames();
     }
 
-    // No @Override annotation as it was only introduced in Java8.
-    @SuppressJava6Requirement(reason = "Can only be called from Java8 as class is package-private")
+    @Override
     public void verify(PublicKey key, Provider sigProvider)
             throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
         unwrap().verify(key, sigProvider);
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java b/handler/src/main/java/io/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java
index 6bbea068147..5404ed61353 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.java
@@ -17,7 +17,6 @@
 package io.netty.handler.ssl.util;
 
 import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 import sun.security.x509.AlgorithmId;
@@ -34,16 +33,16 @@
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.util.Date;
 import java.math.BigInteger;
+import java.security.AccessController;
 import java.security.KeyPair;
 import java.security.PrivateKey;
+import java.security.PrivilegedAction;
 import java.security.SecureRandom;
 import java.security.cert.CertificateException;
+import java.util.Date;
 
-import static io.netty.handler.ssl.util.SelfSignedCertificate.*;
+import static io.netty.handler.ssl.util.SelfSignedCertificate.newSelfSignedCertificate;
 
 /**
  * Generates a self-signed certificate using {@code sun.security.x509} package provided by OpenJDK.
@@ -158,7 +157,6 @@ public Object run() {
         CERT_IMPL_SIGN_METHOD = certImplSignMethod;
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by dependency check")
     static String[] generate(String fqdn, KeyPair keypair, SecureRandom random, Date notBefore, Date notAfter,
                              String algorithm) throws Exception {
         if (CERT_INFO_SET_METHOD == null || ISSUER_NAME_CONSTRUCTOR == null ||
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/SimpleKeyManagerFactory.java b/handler/src/main/java/io/netty/handler/ssl/util/SimpleKeyManagerFactory.java
index befc869f77b..cb5526ccfca 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/SimpleKeyManagerFactory.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/SimpleKeyManagerFactory.java
@@ -18,17 +18,16 @@
 
 import io.netty.util.concurrent.FastThreadLocal;
 import io.netty.util.internal.ObjectUtil;
-import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.StringUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
+
 import java.security.InvalidAlgorithmParameterException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.Provider;
-import javax.net.ssl.ManagerFactoryParameters;
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.KeyManagerFactorySpi;
+import javax.net.ssl.ManagerFactoryParameters;
 import javax.net.ssl.X509ExtendedKeyManager;
 import javax.net.ssl.X509KeyManager;
 
@@ -133,15 +132,12 @@ protected KeyManager[] engineGetKeyManagers() {
             KeyManager[] keyManagers = this.keyManagers;
             if (keyManagers == null) {
                 keyManagers = parent.engineGetKeyManagers();
-                if (PlatformDependent.javaVersion() >= 7) {
-                    wrapIfNeeded(keyManagers);
-                }
+                wrapIfNeeded(keyManagers);
                 this.keyManagers = keyManagers;
             }
             return keyManagers.clone();
         }
 
-        @SuppressJava6Requirement(reason = "Usage guarded by java version check")
         private static void wrapIfNeeded(KeyManager[] keyManagers) {
             for (int i = 0; i < keyManagers.length; i++) {
                 final KeyManager tm = keyManagers[i];
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/SimpleTrustManagerFactory.java b/handler/src/main/java/io/netty/handler/ssl/util/SimpleTrustManagerFactory.java
index c6d4b8bc1c0..460983f9d07 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/SimpleTrustManagerFactory.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/SimpleTrustManagerFactory.java
@@ -18,19 +18,17 @@
 
 import io.netty.util.concurrent.FastThreadLocal;
 import io.netty.util.internal.ObjectUtil;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.Provider;
 import javax.net.ssl.ManagerFactoryParameters;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.TrustManagerFactorySpi;
 import javax.net.ssl.X509ExtendedTrustManager;
 import javax.net.ssl.X509TrustManager;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.Provider;
 
 /**
  * Helps to implement a custom {@link TrustManagerFactory}.
@@ -135,15 +133,12 @@ protected TrustManager[] engineGetTrustManagers() {
             TrustManager[] trustManagers = this.trustManagers;
             if (trustManagers == null) {
                 trustManagers = parent.engineGetTrustManagers();
-                if (PlatformDependent.javaVersion() >= 7) {
-                    wrapIfNeeded(trustManagers);
-                }
+                wrapIfNeeded(trustManagers);
                 this.trustManagers = trustManagers;
             }
             return trustManagers.clone();
         }
 
-        @SuppressJava6Requirement(reason = "Usage guarded by java version check")
         private static void wrapIfNeeded(TrustManager[] trustManagers) {
             for (int i = 0; i < trustManagers.length; i++) {
                 final TrustManager tm = trustManagers[i];
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/X509KeyManagerWrapper.java b/handler/src/main/java/io/netty/handler/ssl/util/X509KeyManagerWrapper.java
index 0c95ec66228..a2381180db0 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/X509KeyManagerWrapper.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/X509KeyManagerWrapper.java
@@ -16,9 +16,6 @@
 
 package io.netty.handler.ssl.util;
 
-import static io.netty.util.internal.ObjectUtil.checkNotNull;
-
-import io.netty.util.internal.SuppressJava6Requirement;
 import java.net.Socket;
 import java.security.Principal;
 import java.security.PrivateKey;
@@ -27,7 +24,8 @@
 import javax.net.ssl.X509ExtendedKeyManager;
 import javax.net.ssl.X509KeyManager;
 
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
+import static io.netty.util.internal.ObjectUtil.checkNotNull;
+
 final class X509KeyManagerWrapper extends X509ExtendedKeyManager {
 
     private final X509KeyManager delegate;
diff --git a/handler/src/main/java/io/netty/handler/ssl/util/X509TrustManagerWrapper.java b/handler/src/main/java/io/netty/handler/ssl/util/X509TrustManagerWrapper.java
index acdab479127..21152d15577 100644
--- a/handler/src/main/java/io/netty/handler/ssl/util/X509TrustManagerWrapper.java
+++ b/handler/src/main/java/io/netty/handler/ssl/util/X509TrustManagerWrapper.java
@@ -15,18 +15,15 @@
  */
 package io.netty.handler.ssl.util;
 
-import io.netty.util.internal.SuppressJava6Requirement;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.X509ExtendedTrustManager;
-import javax.net.ssl.X509TrustManager;
 import java.net.Socket;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedTrustManager;
+import javax.net.ssl.X509TrustManager;
 
-import static io.netty.util.internal.ObjectUtil.*;
+import static io.netty.util.internal.ObjectUtil.checkNotNull;
 
-@SuppressJava6Requirement(reason = "Usage guarded by java version check")
 final class X509TrustManagerWrapper extends X509ExtendedTrustManager {
 
     private final X509TrustManager delegate;
diff --git a/handler/src/main/java/io/netty/handler/timeout/ReadTimeoutException.java b/handler/src/main/java/io/netty/handler/timeout/ReadTimeoutException.java
index d320adf6d3d..60a649ac899 100644
--- a/handler/src/main/java/io/netty/handler/timeout/ReadTimeoutException.java
+++ b/handler/src/main/java/io/netty/handler/timeout/ReadTimeoutException.java
@@ -15,8 +15,6 @@
  */
 package io.netty.handler.timeout;
 
-import io.netty.util.internal.PlatformDependent;
-
 /**
  * A {@link TimeoutException} raised by {@link ReadTimeoutHandler} when no data
  * was read within a certain period of time.
@@ -25,8 +23,7 @@ public final class ReadTimeoutException extends TimeoutException {
 
     private static final long serialVersionUID = 169287984113283421L;
 
-    public static final ReadTimeoutException INSTANCE = PlatformDependent.javaVersion() >= 7 ?
-            new ReadTimeoutException(true) : new ReadTimeoutException();
+    public static final ReadTimeoutException INSTANCE = new ReadTimeoutException(true);
 
     public ReadTimeoutException() { }
 
diff --git a/handler/src/main/java/io/netty/handler/timeout/WriteTimeoutException.java b/handler/src/main/java/io/netty/handler/timeout/WriteTimeoutException.java
index f0ac79ee0a2..72854bf40d7 100644
--- a/handler/src/main/java/io/netty/handler/timeout/WriteTimeoutException.java
+++ b/handler/src/main/java/io/netty/handler/timeout/WriteTimeoutException.java
@@ -15,8 +15,6 @@
  */
 package io.netty.handler.timeout;
 
-import io.netty.util.internal.PlatformDependent;
-
 /**
  * A {@link TimeoutException} raised by {@link WriteTimeoutHandler} when a write operation
  * cannot finish in a certain period of time.
@@ -25,8 +23,7 @@ public final class WriteTimeoutException extends TimeoutException {
 
     private static final long serialVersionUID = -144786655770296065L;
 
-    public static final WriteTimeoutException INSTANCE = PlatformDependent.javaVersion() >= 7 ?
-            new WriteTimeoutException(true) : new WriteTimeoutException();
+    public static final WriteTimeoutException INSTANCE = new WriteTimeoutException(true);
 
     public WriteTimeoutException() { }
 
diff --git a/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java b/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java
index dec5085c3dd..b5fc49981bd 100644
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java
@@ -1072,7 +1072,6 @@ private void testWrapDstBigEnough(BufferType type, SSLEngine engine, int srcLen)
     @MethodSource("newTestParams")
     @ParameterizedTest
     public void testSNIMatchersDoesNotThrow(SSLEngineTestParam param) throws Exception {
-        assumeTrue(PlatformDependent.javaVersion() >= 8);
         SelfSignedCertificate ssc = new SelfSignedCertificate();
         serverSslCtx = wrapContext(param, SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
                                         .sslProvider(sslServerProvider())
@@ -1094,7 +1093,6 @@ public void testSNIMatchersDoesNotThrow(SSLEngineTestParam param) throws Excepti
     @MethodSource("newTestParams")
     @ParameterizedTest
     public void testSNIMatchersWithSNINameWithUnderscore(SSLEngineTestParam param) throws Exception {
-        assumeTrue(PlatformDependent.javaVersion() >= 8);
         byte[] name = "rb8hx3pww30y3tvw0mwy.v1_1".getBytes(CharsetUtil.UTF_8);
         SelfSignedCertificate ssc = new SelfSignedCertificate();
         serverSslCtx = wrapContext(param, SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
@@ -1499,10 +1497,7 @@ private static ApplicationProtocolConfig acceptingNegotiator(Protocol protocol,
 
     @Override
     protected SSLEngine wrapEngine(SSLEngine engine) {
-        if (PlatformDependent.javaVersion() >= 8) {
-            return Java8SslTestUtils.wrapSSLEngineForTesting(engine);
-        }
-        return engine;
+        return Java8SslTestUtils.wrapSSLEngineForTesting(engine);
     }
 
     ReferenceCountedOpenSslEngine unwrapEngine(SSLEngine engine) {
diff --git a/handler/src/test/java/io/netty/handler/ssl/SniClientTest.java b/handler/src/test/java/io/netty/handler/ssl/SniClientTest.java
index 007c82f027f..26800c213a6 100644
--- a/handler/src/test/java/io/netty/handler/ssl/SniClientTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/SniClientTest.java
@@ -25,31 +25,27 @@
 import io.netty.channel.local.LocalAddress;
 import io.netty.channel.local.LocalChannel;
 import io.netty.channel.local.LocalServerChannel;
-import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 import io.netty.handler.ssl.util.SelfSignedCertificate;
 import io.netty.util.Mapping;
 import io.netty.util.ReferenceCountUtil;
 import io.netty.util.concurrent.Promise;
-import io.netty.util.internal.PlatformDependent;
 import org.junit.jupiter.api.Timeout;
 import org.junit.jupiter.api.function.Executable;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.MethodSource;
 
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.TrustManagerFactory;
-import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.TrustManagerFactory;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.junit.jupiter.api.Assumptions.assumeTrue;
 
 public class SniClientTest {
     private static final String PARAMETERIZED_NAME = "{index}: serverSslProvider = {0}, clientSslProvider = {1}";
@@ -74,7 +70,6 @@ static Collection<Object[]> parameters() {
     @MethodSource("parameters")
     public void testSniSNIMatcherMatchesClient(SslProvider serverProvider, SslProvider clientProvider)
             throws Exception {
-        assumeTrue(PlatformDependent.javaVersion() >= 8);
         SniClientJava8TestUtil.testSniClient(serverProvider, clientProvider, true);
     }
 
@@ -83,7 +78,6 @@ public void testSniSNIMatcherMatchesClient(SslProvider serverProvider, SslProvid
     @MethodSource("parameters")
     public void testSniSNIMatcherDoesNotMatchClient(
             final SslProvider serverProvider, final SslProvider clientProvider) {
-        assumeTrue(PlatformDependent.javaVersion() >= 8);
         assertThrows(SSLException.class, new Executable() {
             @Override
             public void execute() throws Throwable {
@@ -113,11 +107,7 @@ public void testSniClient(SslProvider sslServerProvider, SslProvider sslClientPr
                                                     .build();
             } else {
                 // The used OpenSSL version does support a KeyManagerFactory, so use it.
-                KeyManagerFactory kmf = PlatformDependent.javaVersion() >= 8 ?
-                        SniClientJava8TestUtil.newSniX509KeyManagerFactory(cert, sniHostName) :
-                        SslContext.buildKeyManagerFactory(
-                                new X509Certificate[] { cert.cert() }, null,
-                                cert.key(), null, null, null);
+                KeyManagerFactory kmf = SniClientJava8TestUtil.newSniX509KeyManagerFactory(cert, sniHostName);
 
                sslServerContext = SslContextBuilder.forServer(kmf)
                                                    .sslProvider(sslServerProvider)
@@ -140,9 +130,7 @@ public SslContext map(String input) {
                 }
             }).bind(address).syncUninterruptibly().channel();
 
-            TrustManagerFactory tmf = PlatformDependent.javaVersion() >= 8 ?
-                    SniClientJava8TestUtil.newSniX509TrustmanagerFactory(sniHostName) :
-                    InsecureTrustManagerFactory.INSTANCE;
+            TrustManagerFactory tmf = SniClientJava8TestUtil.newSniX509TrustmanagerFactory(sniHostName);
             sslClientContext = SslContextBuilder.forClient().trustManager(tmf)
                                                      .sslProvider(sslClientProvider).build();
             Bootstrap cb = new Bootstrap();
@@ -157,10 +145,8 @@ public SslContext map(String input) {
             handler.handshakeFuture().syncUninterruptibly();
             assertNull(handler.engine().getHandshakeSession());
 
-            if (PlatformDependent.javaVersion() >= 8) {
-                SniClientJava8TestUtil.assertSSLSession(
-                        handler.engine().getUseClientMode(), handler.engine().getSession(), sniHostName);
-            }
+            SniClientJava8TestUtil.assertSSLSession(
+                    handler.engine().getUseClientMode(), handler.engine().getSession(), sniHostName);
         } finally {
             if (cc != null) {
                 cc.close().syncUninterruptibly();
diff --git a/microbench/src/main/java/io/netty/handler/codec/http/HttpStatusValueOfBenchmark.java b/microbench/src/main/java/io/netty/handler/codec/http/HttpStatusValueOfBenchmark.java
index 947c732be9f..3e5adbc9591 100644
--- a/microbench/src/main/java/io/netty/handler/codec/http/HttpStatusValueOfBenchmark.java
+++ b/microbench/src/main/java/io/netty/handler/codec/http/HttpStatusValueOfBenchmark.java
@@ -14,8 +14,8 @@
  * under the License.
  */
 package io.netty.handler.codec.http;
+
 import io.netty.microbench.util.AbstractMicrobenchmark;
-import io.netty.util.internal.SuppressJava6Requirement;
 import org.openjdk.jmh.annotations.Benchmark;
 import org.openjdk.jmh.annotations.BenchmarkMode;
 import org.openjdk.jmh.annotations.Level;
@@ -32,6 +32,7 @@
 import org.openjdk.jmh.profile.ProfilerFactory;
 import org.openjdk.jmh.runner.options.ChainedOptionsBuilder;
 import org.openjdk.jmh.runner.options.ProfilerConfig;
+
 import java.text.DecimalFormat;
 import java.util.SplittableRandom;
 import java.util.concurrent.TimeUnit;
@@ -40,7 +41,6 @@
 @Warmup(iterations = 10, time = 1)
 @Measurement(iterations = 10, time = 1)
 @OutputTimeUnit(TimeUnit.MICROSECONDS)
-@SuppressJava6Requirement(reason = "suppress")
 public class HttpStatusValueOfBenchmark extends AbstractMicrobenchmark {
     private static final SplittableRandom random = new SplittableRandom();
     private static final DecimalFormat df = new DecimalFormat("##.##%");
diff --git a/microbench/src/main/java/io/netty/microbench/buffer/ByteBufIndexOfBenchmark.java b/microbench/src/main/java/io/netty/microbench/buffer/ByteBufIndexOfBenchmark.java
index dcb6362f693..558a5146060 100644
--- a/microbench/src/main/java/io/netty/microbench/buffer/ByteBufIndexOfBenchmark.java
+++ b/microbench/src/main/java/io/netty/microbench/buffer/ByteBufIndexOfBenchmark.java
@@ -20,7 +20,6 @@
 import io.netty.buffer.PooledByteBufAllocator;
 import io.netty.buffer.UnpooledByteBufAllocator;
 import io.netty.microbench.util.AbstractMicrobenchmark;
-import io.netty.util.internal.SuppressJava6Requirement;
 import org.openjdk.jmh.annotations.Benchmark;
 import org.openjdk.jmh.annotations.Fork;
 import org.openjdk.jmh.annotations.Level;
@@ -69,7 +68,6 @@ public class ByteBufIndexOfBenchmark extends AbstractMicrobenchmark {
     private boolean pooled;
 
     @Setup(Level.Trial)
-    @SuppressJava6Requirement(reason = "using SplittableRandom to reliably produce data")
     public void init() {
         System.setProperty("io.netty.noUnsafe", Boolean.valueOf(noUnsafe).toString());
         SplittableRandom random = new SplittableRandom(seed);
diff --git a/microbench/src/main/java/io/netty/microbench/buffer/ByteBufLastIndexOfBenchmark.java b/microbench/src/main/java/io/netty/microbench/buffer/ByteBufLastIndexOfBenchmark.java
index 41a79493e58..8a892a05737 100644
--- a/microbench/src/main/java/io/netty/microbench/buffer/ByteBufLastIndexOfBenchmark.java
+++ b/microbench/src/main/java/io/netty/microbench/buffer/ByteBufLastIndexOfBenchmark.java
@@ -20,7 +20,6 @@
 import io.netty.buffer.PooledByteBufAllocator;
 import io.netty.buffer.UnpooledByteBufAllocator;
 import io.netty.microbench.util.AbstractMicrobenchmark;
-import io.netty.util.internal.SuppressJava6Requirement;
 import org.openjdk.jmh.annotations.Benchmark;
 import org.openjdk.jmh.annotations.Fork;
 import org.openjdk.jmh.annotations.Level;
@@ -70,7 +69,6 @@ public class ByteBufLastIndexOfBenchmark extends AbstractMicrobenchmark {
     private boolean pooled;
 
     @Setup(Level.Trial)
-    @SuppressJava6Requirement(reason = "using SplittableRandom to reliably produce data")
     public void init() {
         System.setProperty("io.netty.noUnsafe", Boolean.valueOf(noUnsafe).toString());
         SplittableRandom random = new SplittableRandom(seed);
diff --git a/microbench/src/main/java/io/netty/util/AsciiStringCaseConversionBenchmark.java b/microbench/src/main/java/io/netty/util/AsciiStringCaseConversionBenchmark.java
index 8519287196b..842d9b994a0 100644
--- a/microbench/src/main/java/io/netty/util/AsciiStringCaseConversionBenchmark.java
+++ b/microbench/src/main/java/io/netty/util/AsciiStringCaseConversionBenchmark.java
@@ -15,7 +15,6 @@
  */
 package io.netty.util;
 
-import io.netty.util.internal.SuppressJava6Requirement;
 import org.openjdk.jmh.annotations.Benchmark;
 import org.openjdk.jmh.annotations.Fork;
 import org.openjdk.jmh.annotations.Level;
@@ -61,7 +60,6 @@ public class AsciiStringCaseConversionBenchmark {
     private boolean noUnsafe;
 
     @Setup(Level.Trial)
-    @SuppressJava6Requirement(reason = "using SplittableRandom to reliably produce data")
     public void init() {
         System.setProperty("io.netty.noUnsafe", Boolean.valueOf(noUnsafe).toString());
         final SplittableRandom random = new SplittableRandom(seed);
diff --git a/pom.xml b/pom.xml
index 339c47fe96b..f24f2cb83d6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -206,6 +206,7 @@
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
         <revapi.skip>true</revapi.skip>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
     <profile>
@@ -225,6 +226,7 @@
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
         <revapi.skip>true</revapi.skip>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
     <profile>
@@ -245,6 +247,7 @@
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
         <revapi.skip>true</revapi.skip>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
     <profile>
@@ -265,6 +268,7 @@
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
         <revapi.skip>true</revapi.skip>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
     <profile>
@@ -285,6 +289,7 @@
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
         <revapi.skip>true</revapi.skip>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
     <profile>
@@ -304,6 +309,7 @@
 
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
 
@@ -324,6 +330,7 @@
         <jboss.marshalling.version>2.0.5.Final</jboss.marshalling.version>
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
 
@@ -344,6 +351,7 @@
         <jboss.marshalling.version>2.0.5.Final</jboss.marshalling.version>
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
     <!-- JDK14 -->
@@ -363,6 +371,7 @@
         <jboss.marshalling.version>2.0.5.Final</jboss.marshalling.version>
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
     <!-- JDK13 -->
@@ -382,6 +391,7 @@
         <jboss.marshalling.version>2.0.5.Final</jboss.marshalling.version>
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
 
@@ -402,6 +412,7 @@
         <jboss.marshalling.version>2.0.5.Final</jboss.marshalling.version>
         <!-- pax-exam does not work on latest Java12 EA 22 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
 
@@ -422,6 +433,7 @@
         <jboss.marshalling.version>2.0.5.Final</jboss.marshalling.version>
         <!-- pax-exam does not work on latest Java11 build -->
         <skipOsgiTestsuite>true</skipOsgiTestsuite>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
 
@@ -442,6 +454,7 @@
         <enforcer.plugin.version>3.0.0-M3</enforcer.plugin.version>
         <!-- 1.4.x does not work in Java10+ -->
         <jboss.marshalling.version>2.0.5.Final</jboss.marshalling.version>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
     </profile>
 
@@ -458,6 +471,7 @@
         <forbiddenapis.skip>true</forbiddenapis.skip>
         <!-- Needed because of https://issues.apache.org/jira/browse/MENFORCER-275 -->
         <enforcer.plugin.version>3.0.0-M1</enforcer.plugin.version>
+        <animal.sniffer.skip>true</animal.sniffer.skip>
       </properties>
       <activation>
         <jdk>9</jdk>
@@ -1212,6 +1226,10 @@
                     <matcher>java-package</matcher>
                     <match>/.*\.internal\..*/</match>
                   </item>
+                  <item>
+                    <matcher>java-package</matcher>
+                    <match>/.*\.internal/</match>
+                  </item>
                   <item>
                     <matcher>java-package</matcher>
                     <match>/org\.openjdk\.jmh\..*/</match>
@@ -1486,6 +1504,103 @@
                   <newVisibility>private</newVisibility>
                   <justification>Necessary compatibility break for BouncyCastle upgrade</justification>
                 </item>
+                <!-- Removal of "@SuppressJava6Requirement" annocation from classes and methods. -->
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method void io.netty.channel.ChannelException::&lt;init&gt;(java.lang.String, java.lang.Throwable, boolean)</old>
+                  <new>method void io.netty.channel.ChannelException::&lt;init&gt;(java.lang.String, java.lang.Throwable, boolean)</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "uses Java 7+ RuntimeException.&lt;init&gt;(String, Throwable, boolean, boolean) but is guarded by version checks")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>class io.netty.channel.socket.nio.NioChannelOption&lt;T&gt;</old>
+                  <new>class io.netty.channel.socket.nio.NioChannelOption&lt;T&gt;</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage explicit by the user")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method io.netty.channel.ChannelFuture io.netty.channel.socket.nio.NioDatagramChannel::block(java.net.InetAddress, java.net.NetworkInterface, java.net.InetAddress, io.netty.channel.ChannelPromise)</old>
+                  <new>method io.netty.channel.ChannelFuture io.netty.channel.socket.nio.NioDatagramChannel::block(java.net.InetAddress, java.net.NetworkInterface, java.net.InetAddress, io.netty.channel.ChannelPromise)</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method io.netty.channel.ChannelFuture io.netty.channel.socket.nio.NioDatagramChannel::joinGroup(java.net.InetAddress, java.net.NetworkInterface, java.net.InetAddress, io.netty.channel.ChannelPromise)</old>
+                  <new>method io.netty.channel.ChannelFuture io.netty.channel.socket.nio.NioDatagramChannel::joinGroup(java.net.InetAddress, java.net.NetworkInterface, java.net.InetAddress, io.netty.channel.ChannelPromise)</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method io.netty.channel.ChannelFuture io.netty.channel.socket.nio.NioDatagramChannel::leaveGroup(java.net.InetAddress, java.net.NetworkInterface, java.net.InetAddress, io.netty.channel.ChannelPromise)</old>
+                  <new>method io.netty.channel.ChannelFuture io.netty.channel.socket.nio.NioDatagramChannel::leaveGroup(java.net.InetAddress, java.net.NetworkInterface, java.net.InetAddress, io.netty.channel.ChannelPromise)</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method void io.netty.channel.socket.nio.NioServerSocketChannel::doBind(java.net.SocketAddress) throws java.lang.Exception</old>
+                  <new>method void io.netty.channel.socket.nio.NioServerSocketChannel::doBind(java.net.SocketAddress) throws java.lang.Exception</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method void io.netty.channel.socket.nio.NioSocketChannel::doShutdownOutput() throws java.lang.Exception</old>
+                  <new>method void io.netty.channel.socket.nio.NioSocketChannel::doShutdownOutput() throws java.lang.Exception</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method javax.net.ssl.SSLParameters io.netty.handler.ssl.ReferenceCountedOpenSslEngine::getSSLParameters() @ io.netty.handler.ssl.OpenSslEngine</old>
+                  <new>method javax.net.ssl.SSLParameters io.netty.handler.ssl.ReferenceCountedOpenSslEngine::getSSLParameters() @ io.netty.handler.ssl.OpenSslEngine</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method void io.netty.handler.ssl.ReferenceCountedOpenSslEngine::setSSLParameters(javax.net.ssl.SSLParameters) @ io.netty.handler.ssl.OpenSslEngine</old>
+                  <new>method void io.netty.handler.ssl.ReferenceCountedOpenSslEngine::setSSLParameters(javax.net.ssl.SSLParameters) @ io.netty.handler.ssl.OpenSslEngine</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method javax.net.ssl.SSLParameters io.netty.handler.ssl.ReferenceCountedOpenSslEngine::getSSLParameters()</old>
+                  <new>method javax.net.ssl.SSLParameters io.netty.handler.ssl.ReferenceCountedOpenSslEngine::getSSLParameters()</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method void io.netty.handler.ssl.ReferenceCountedOpenSslEngine::setSSLParameters(javax.net.ssl.SSLParameters)</old>
+                  <new>method void io.netty.handler.ssl.ReferenceCountedOpenSslEngine::setSSLParameters(javax.net.ssl.SSLParameters)</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Usage guarded by java version check")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
+                <item>
+                  <ignore>true</ignore>
+                  <code>java.annotation.removed</code>
+                  <old>method void io.netty.handler.ssl.util.LazyX509Certificate::verify(java.security.PublicKey, java.security.Provider) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.SignatureException</old>
+                  <new>method void io.netty.handler.ssl.util.LazyX509Certificate::verify(java.security.PublicKey, java.security.Provider) throws java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.InvalidKeyException, java.security.SignatureException</new>
+                  <annotation>@io.netty.util.internal.SuppressJava6Requirement(reason = "Can only be called from Java8 as class is package-private")</annotation>
+                  <justification>Java baseline version changed.</justification>
+                </item>
               </differences>
             </revapi.differences>
           </analysisConfiguration>
@@ -1597,22 +1712,22 @@
         </configuration>
       </plugin>
       <plugin>
-        <!-- ensure that only methods available in java 1.6 can
-             be used even when compiling with java 1.7+ -->
+        <!-- ensure that only methods available in java 1.8 can
+             be used even when compiling with java 9+ -->
         <groupId>org.codehaus.mojo</groupId>
         <artifactId>animal-sniffer-maven-plugin</artifactId>
-        <version>1.16</version>
+        <version>1.23</version>
         <configuration>
           <signature>
             <groupId>org.codehaus.mojo.signature</groupId>
-            <artifactId>java16</artifactId>
-            <version>1.1</version>
+            <artifactId>java18</artifactId>
+            <version>1.0</version>
           </signature>
           <ignores>
             <ignore>java.nio.ByteBuffer</ignore>
           </ignores>
           <annotations>
-            <annotation>io.netty.util.internal.SuppressJava6Requirement</annotation>
+            <annotation>io.netty.util.internal.SuppressJava8Requirement</annotation>
           </annotations>
         </configuration>
         <executions>
diff --git a/resolver-dns/src/main/java/io/netty/resolver/dns/DefaultAuthoritativeDnsServerCache.java b/resolver-dns/src/main/java/io/netty/resolver/dns/DefaultAuthoritativeDnsServerCache.java
index b75db05a7da..7e0c85b824d 100644
--- a/resolver-dns/src/main/java/io/netty/resolver/dns/DefaultAuthoritativeDnsServerCache.java
+++ b/resolver-dns/src/main/java/io/netty/resolver/dns/DefaultAuthoritativeDnsServerCache.java
@@ -16,7 +16,6 @@
 package io.netty.resolver.dns;
 
 import io.netty.channel.EventLoop;
-import io.netty.util.internal.PlatformDependent;
 
 import java.net.InetSocketAddress;
 import java.util.Collections;
@@ -24,7 +23,9 @@
 import java.util.List;
 import java.util.concurrent.ConcurrentMap;
 
-import static io.netty.util.internal.ObjectUtil.*;
+import static io.netty.util.internal.ObjectUtil.checkNotNull;
+import static io.netty.util.internal.ObjectUtil.checkPositive;
+import static io.netty.util.internal.ObjectUtil.checkPositiveOrZero;
 
 /**
  * Default implementation of {@link AuthoritativeDnsServerCache}, backed by a {@link ConcurrentMap}.
@@ -42,10 +43,7 @@ protected boolean shouldReplaceAll(InetSocketAddress entry) {
 
         @Override
         protected boolean equals(InetSocketAddress entry, InetSocketAddress otherEntry) {
-            if (PlatformDependent.javaVersion() >= 7) {
-                return entry.getHostString().equalsIgnoreCase(otherEntry.getHostString());
-            }
-            return entry.getHostName().equalsIgnoreCase(otherEntry.getHostName());
+            return entry.getHostString().equalsIgnoreCase(otherEntry.getHostString());
         }
 
         @Override
@@ -99,7 +97,7 @@ public void cache(String hostname, InetSocketAddress address, long originalTtl,
         checkNotNull(address, "address");
         checkNotNull(loop, "loop");
 
-        if (PlatformDependent.javaVersion() >= 7 && address.getHostString() == null) {
+        if (address.getHostString() == null) {
             // We only cache addresses that have also a host string as we will need it later when trying to replace
             // unresolved entries in the cache.
             return;
diff --git a/resolver-dns/src/main/java/io/netty/resolver/dns/DnsErrorCauseException.java b/resolver-dns/src/main/java/io/netty/resolver/dns/DnsErrorCauseException.java
index ef3969380c7..579aef8e876 100644
--- a/resolver-dns/src/main/java/io/netty/resolver/dns/DnsErrorCauseException.java
+++ b/resolver-dns/src/main/java/io/netty/resolver/dns/DnsErrorCauseException.java
@@ -17,8 +17,6 @@
 package io.netty.resolver.dns;
 
 import io.netty.handler.codec.dns.DnsResponseCode;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.ThrowableUtil;
 
 import java.net.UnknownHostException;
@@ -33,13 +31,6 @@ public final class DnsErrorCauseException extends RuntimeException {
 
     private final DnsResponseCode code;
 
-    private DnsErrorCauseException(String message, DnsResponseCode code) {
-        super(message);
-        this.code = code;
-    }
-
-    @SuppressJava6Requirement(reason = "uses Java 7+ Exception.<init>(String, Throwable, boolean, boolean)" +
-            " but is guarded by version checks")
     private DnsErrorCauseException(String message, DnsResponseCode code, boolean shared) {
         super(message, null, false, true);
         this.code = code;
@@ -63,12 +54,7 @@ public DnsResponseCode getCode() {
     }
 
     static DnsErrorCauseException newStatic(String message, DnsResponseCode code, Class<?> clazz, String method) {
-        final DnsErrorCauseException exception;
-        if (PlatformDependent.javaVersion() >= 7) {
-            exception = new DnsErrorCauseException(message, code, true);
-        } else {
-            exception = new DnsErrorCauseException(message, code);
-        }
+        final DnsErrorCauseException exception = new DnsErrorCauseException(message, code, true);
         return ThrowableUtil.unknownStackTrace(exception, clazz, method);
     }
 }
diff --git a/resolver-dns/src/main/java/io/netty/resolver/dns/DnsResolveContext.java b/resolver-dns/src/main/java/io/netty/resolver/dns/DnsResolveContext.java
index 5311aa89e16..22a49193f0a 100644
--- a/resolver-dns/src/main/java/io/netty/resolver/dns/DnsResolveContext.java
+++ b/resolver-dns/src/main/java/io/netty/resolver/dns/DnsResolveContext.java
@@ -39,7 +39,6 @@
 import io.netty.util.internal.ObjectUtil;
 import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.StringUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.SystemPropertyUtil;
 import io.netty.util.internal.ThrowableUtil;
 import io.netty.util.internal.logging.InternalLogger;
@@ -144,12 +143,6 @@ static final class DnsResolveContextException extends RuntimeException {
 
         private static final long serialVersionUID = 1209303419266433003L;
 
-        private DnsResolveContextException(String message) {
-            super(message);
-        }
-
-        @SuppressJava6Requirement(reason = "uses Java 7+ Exception.<init>(String, Throwable, boolean, boolean)" +
-                " but is guarded by version checks")
         private DnsResolveContextException(String message, boolean shared) {
             super(message, null, false, true);
             assert shared;
@@ -163,12 +156,7 @@ public Throwable fillInStackTrace() {
         }
 
         static DnsResolveContextException newStatic(String message, Class<?> clazz, String method) {
-            final DnsResolveContextException exception;
-            if (PlatformDependent.javaVersion() >= 7) {
-                exception = new DnsResolveContextException(message, true);
-            } else {
-                exception = new DnsResolveContextException(message);
-            }
+            final DnsResolveContextException exception = new DnsResolveContextException(message, true);
             return ThrowableUtil.unknownStackTrace(exception, clazz, method);
         }
     }
@@ -544,8 +532,7 @@ private void queryUnresolvedNameServer(final InetSocketAddress nameServerAddr,
                                            final DnsQueryLifecycleObserver queryLifecycleObserver,
                                            final Promise<List<T>> promise,
                                            final Throwable cause) {
-        final String nameServerName = PlatformDependent.javaVersion() >= 7 ?
-                nameServerAddr.getHostString() : nameServerAddr.getHostName();
+        final String nameServerName = nameServerAddr.getHostString();
         assert nameServerName != null;
 
         // Placeholder so we will not try to finish the original query yet.
@@ -602,7 +589,7 @@ private static final class RedirectAuthoritativeDnsServerCache implements Author
         private final AuthoritativeDnsServerCache wrapped;
 
         RedirectAuthoritativeDnsServerCache(AuthoritativeDnsServerCache authoritativeDnsServerCache) {
-            this.wrapped = authoritativeDnsServerCache;
+            wrapped = authoritativeDnsServerCache;
         }
 
         @Override
diff --git a/resolver-dns/src/test/java/io/netty/resolver/dns/DnsNameResolverTest.java b/resolver-dns/src/test/java/io/netty/resolver/dns/DnsNameResolverTest.java
index f5b36ff8af3..d2eb64b80b8 100644
--- a/resolver-dns/src/test/java/io/netty/resolver/dns/DnsNameResolverTest.java
+++ b/resolver-dns/src/test/java/io/netty/resolver/dns/DnsNameResolverTest.java
@@ -70,6 +70,8 @@
 import org.junit.jupiter.api.AfterAll;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.Timeout;
+import org.junit.jupiter.api.function.Executable;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -108,8 +110,6 @@
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.concurrent.atomic.AtomicReference;
-import org.junit.jupiter.api.Timeout;
-import org.junit.jupiter.api.function.Executable;
 
 import static io.netty.handler.codec.dns.DnsRecordType.A;
 import static io.netty.handler.codec.dns.DnsRecordType.AAAA;
@@ -129,7 +129,6 @@
 import static org.hamcrest.Matchers.hasSize;
 import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.is;
-
 import static org.hamcrest.Matchers.startsWith;
 import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -1425,10 +1424,7 @@ InetSocketAddress newRedirectServerAddress(InetAddress server) {
             }
         };
 
-        // Java7 will strip of the "." so we need to adjust the expected dnsname. Both are valid in terms of the RFC
-        // so its ok.
-        String expectedDnsName = PlatformDependent.javaVersion() == 7 ?
-                "dns4.some.record.netty.io" : "dns4.some.record.netty.io.";
+        String expectedDnsName = "dns4.some.record.netty.io.";
 
         try {
             resolver.resolveAll(hostname).syncUninterruptibly();
diff --git a/testsuite/src/main/java/io/netty/testsuite/transport/socket/DatagramUnicastIPv6Test.java b/testsuite/src/main/java/io/netty/testsuite/transport/socket/DatagramUnicastIPv6Test.java
index 308669c6f5a..e86e76ee07b 100644
--- a/testsuite/src/main/java/io/netty/testsuite/transport/socket/DatagramUnicastIPv6Test.java
+++ b/testsuite/src/main/java/io/netty/testsuite/transport/socket/DatagramUnicastIPv6Test.java
@@ -16,8 +16,6 @@
 package io.netty.testsuite.transport.socket;
 
 import io.netty.channel.socket.InternetProtocolFamily;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import org.junit.jupiter.api.BeforeAll;
 import org.opentest4j.TestAbortedException;
 
@@ -28,13 +26,9 @@
 
 public class DatagramUnicastIPv6Test extends DatagramUnicastInetTest {
 
-    @SuppressJava6Requirement(reason = "Guarded by java version check")
     @BeforeAll
     public static void assumeIpv6Supported() {
         try {
-            if (PlatformDependent.javaVersion() < 7) {
-                throw new UnsupportedOperationException();
-            }
             Channel channel = SelectorProvider.provider().openDatagramChannel(StandardProtocolFamily.INET6);
             channel.close();
         } catch (UnsupportedOperationException e) {
diff --git a/testsuite/src/main/java/io/netty/testsuite/util/TestUtils.java b/testsuite/src/main/java/io/netty/testsuite/util/TestUtils.java
index f1192def7c5..4cc0db01de1 100644
--- a/testsuite/src/main/java/io/netty/testsuite/util/TestUtils.java
+++ b/testsuite/src/main/java/io/netty/testsuite/util/TestUtils.java
@@ -17,7 +17,6 @@
 
 import io.netty.util.CharsetUtil;
 import io.netty.util.internal.ObjectUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 import org.junit.jupiter.api.TestInfo;
@@ -105,7 +104,6 @@ public static boolean isSctpSupported() {
     /**
      * Returns the method name of the current test.
      */
-    @SuppressJava6Requirement(reason = "Test only")
     public static String testMethodName(TestInfo testInfo) {
         String testMethodName = testInfo.getTestMethod().map(new Function<Method, String>() {
             @Override
diff --git a/transport-classes-epoll/src/main/java/io/netty/channel/epoll/LinuxSocket.java b/transport-classes-epoll/src/main/java/io/netty/channel/epoll/LinuxSocket.java
index 99b22540b26..3dcd584f851 100644
--- a/transport-classes-epoll/src/main/java/io/netty/channel/epoll/LinuxSocket.java
+++ b/transport-classes-epoll/src/main/java/io/netty/channel/epoll/LinuxSocket.java
@@ -17,18 +17,17 @@
 
 import io.netty.channel.ChannelException;
 import io.netty.channel.DefaultFileRegion;
+import io.netty.channel.socket.InternetProtocolFamily;
 import io.netty.channel.unix.Errors;
 import io.netty.channel.unix.NativeInetAddress;
 import io.netty.channel.unix.PeerCredentials;
 import io.netty.channel.unix.Socket;
-import io.netty.channel.socket.InternetProtocolFamily;
-import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.SocketUtils;
 import io.netty.util.internal.UnstableApi;
 
 import java.io.IOException;
-import java.net.InetAddress;
 import java.net.Inet6Address;
+import java.net.InetAddress;
 import java.net.NetworkInterface;
 import java.net.UnknownHostException;
 import java.util.Enumeration;
@@ -97,7 +96,7 @@ InetAddress getInterface() throws IOException {
     NetworkInterface getNetworkInterface() throws IOException {
         int ret = getInterface(intValue(), ipv6);
         if (ipv6) {
-            return PlatformDependent.javaVersion() >= 7 ? NetworkInterface.getByIndex(ret) : null;
+            return NetworkInterface.getByIndex(ret);
         }
         InetAddress address = inetAddress(ret);
         return address != null ? NetworkInterface.getByInetAddress(address) : null;
@@ -151,15 +150,13 @@ void leaveGroup(InetAddress group, NetworkInterface netInterface, InetAddress so
     }
 
     private static int interfaceIndex(NetworkInterface networkInterface) {
-        return PlatformDependent.javaVersion() >= 7 ? networkInterface.getIndex() : -1;
+        return networkInterface.getIndex();
     }
 
     private static int interfaceIndex(InetAddress address) throws IOException {
-        if (PlatformDependent.javaVersion() >= 7) {
-            NetworkInterface iface = NetworkInterface.getByInetAddress(address);
-            if (iface != null) {
-                return iface.getIndex();
-            }
+        NetworkInterface iface = NetworkInterface.getByInetAddress(address);
+        if (iface != null) {
+            return iface.getIndex();
         }
         return -1;
     }
diff --git a/transport-native-unix-common/src/main/java/io/netty/channel/unix/UnixChannelUtil.java b/transport-native-unix-common/src/main/java/io/netty/channel/unix/UnixChannelUtil.java
index ada5111b0bf..fd657f35e39 100644
--- a/transport-native-unix-common/src/main/java/io/netty/channel/unix/UnixChannelUtil.java
+++ b/transport-native-unix-common/src/main/java/io/netty/channel/unix/UnixChannelUtil.java
@@ -16,7 +16,6 @@
 package io.netty.channel.unix;
 
 import io.netty.buffer.ByteBuf;
-import io.netty.util.internal.PlatformDependent;
 
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
@@ -43,17 +42,15 @@ static boolean isBufferCopyNeededForWrite(ByteBuf byteBuf, int iovMax) {
 
     public static InetSocketAddress computeRemoteAddr(InetSocketAddress remoteAddr, InetSocketAddress osRemoteAddr) {
         if (osRemoteAddr != null) {
-            if (PlatformDependent.javaVersion() >= 7) {
-                try {
-                    // Only try to construct a new InetSocketAddress if we using java >= 7 as getHostString() does not
-                    // exists in earlier releases and so the retrieval of the hostname could block the EventLoop if a
-                    // reverse lookup would be needed.
-                    return new InetSocketAddress(InetAddress.getByAddress(remoteAddr.getHostString(),
-                            osRemoteAddr.getAddress().getAddress()),
-                            osRemoteAddr.getPort());
-                } catch (UnknownHostException ignore) {
-                    // Should never happen but fallback to osRemoteAddr anyway.
-                }
+            try {
+                // Only try to construct a new InetSocketAddress if we using java >= 7 as getHostString() does not
+                // exists in earlier releases and so the retrieval of the hostname could block the EventLoop if a
+                // reverse lookup would be needed.
+                return new InetSocketAddress(InetAddress.getByAddress(remoteAddr.getHostString(),
+                        osRemoteAddr.getAddress().getAddress()),
+                        osRemoteAddr.getPort());
+            } catch (UnknownHostException ignore) {
+                // Should never happen but fallback to osRemoteAddr anyway.
             }
             return osRemoteAddr;
         }
diff --git a/transport/src/main/java/io/netty/channel/ChannelException.java b/transport/src/main/java/io/netty/channel/ChannelException.java
index 147f81c4bf8..3c4b1c7178f 100644
--- a/transport/src/main/java/io/netty/channel/ChannelException.java
+++ b/transport/src/main/java/io/netty/channel/ChannelException.java
@@ -15,8 +15,6 @@
  */
 package io.netty.channel;
 
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.ThrowableUtil;
 import io.netty.util.internal.UnstableApi;
 
@@ -55,30 +53,19 @@ public ChannelException(Throwable cause) {
     }
 
     @UnstableApi
-    @SuppressJava6Requirement(reason = "uses Java 7+ RuntimeException.<init>(String, Throwable, boolean, boolean)" +
-            " but is guarded by version checks")
     protected ChannelException(String message, Throwable cause, boolean shared) {
         super(message, cause, false, true);
         assert shared;
     }
 
     static ChannelException newStatic(String message, Class<?> clazz, String method) {
-        ChannelException exception;
-        if (PlatformDependent.javaVersion() >= 7) {
-            exception = new StacklessChannelException(message, null, true);
-        } else {
-            exception = new StacklessChannelException(message, null);
-        }
+        ChannelException exception = new StacklessChannelException(message, null, true);
         return ThrowableUtil.unknownStackTrace(exception, clazz, method);
     }
 
     private static final class StacklessChannelException extends ChannelException {
         private static final long serialVersionUID = -6384642137753538579L;
 
-        StacklessChannelException(String message, Throwable cause) {
-            super(message, cause);
-        }
-
         StacklessChannelException(String message, Throwable cause, boolean shared) {
             super(message, cause, shared);
         }
diff --git a/transport/src/main/java/io/netty/channel/nio/NioEventLoop.java b/transport/src/main/java/io/netty/channel/nio/NioEventLoop.java
index 9d407331bf9..928c3fe7d4c 100644
--- a/transport/src/main/java/io/netty/channel/nio/NioEventLoop.java
+++ b/transport/src/main/java/io/netty/channel/nio/NioEventLoop.java
@@ -35,9 +35,8 @@
 import java.lang.reflect.Field;
 import java.nio.channels.CancelledKeyException;
 import java.nio.channels.SelectableChannel;
-import java.nio.channels.Selector;
 import java.nio.channels.SelectionKey;
-
+import java.nio.channels.Selector;
 import java.nio.channels.spi.SelectorProvider;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
@@ -81,24 +80,6 @@ public int get() throws Exception {
     // - https://bugs.openjdk.java.net/browse/JDK-6527572 for JDK prior to 5.0u15-rev and 6u10
     // - https://github.com/netty/netty/issues/203
     static {
-        if (PlatformDependent.javaVersion() < 7) {
-            final String key = "sun.nio.ch.bugLevel";
-            final String bugLevel = SystemPropertyUtil.get(key);
-            if (bugLevel == null) {
-                try {
-                    AccessController.doPrivileged(new PrivilegedAction<Void>() {
-                        @Override
-                        public Void run() {
-                            System.setProperty(key, "");
-                            return null;
-                        }
-                    });
-                } catch (final SecurityException e) {
-                    logger.debug("Unable to get/set System Property: " + key, e);
-                }
-            }
-        }
-
         int selectorAutoRebuildThreshold = SystemPropertyUtil.getInt("io.netty.selectorAutoRebuildThreshold", 512);
         if (selectorAutoRebuildThreshold < MIN_PREMATURE_SELECTOR_RETURNS) {
             selectorAutoRebuildThreshold = 0;
diff --git a/transport/src/main/java/io/netty/channel/socket/nio/NioChannelOption.java b/transport/src/main/java/io/netty/channel/socket/nio/NioChannelOption.java
index b5c15e7d899..27ed3bcec5a 100644
--- a/transport/src/main/java/io/netty/channel/socket/nio/NioChannelOption.java
+++ b/transport/src/main/java/io/netty/channel/socket/nio/NioChannelOption.java
@@ -17,10 +17,12 @@
 
 import io.netty.channel.ChannelException;
 import io.netty.channel.ChannelOption;
-import io.netty.util.internal.SuppressJava6Requirement;
 
 import java.io.IOException;
+import java.net.SocketOption;
+import java.net.StandardSocketOptions;
 import java.nio.channels.Channel;
+import java.nio.channels.NetworkChannel;
 import java.nio.channels.ServerSocketChannel;
 import java.util.ArrayList;
 import java.util.List;
@@ -28,15 +30,14 @@
 
 /**
  * Provides {@link ChannelOption} over a given {@link java.net.SocketOption} which is then passed through the underlying
- * {@link java.nio.channels.NetworkChannel}.
+ * {@link NetworkChannel}.
  */
-@SuppressJava6Requirement(reason = "Usage explicit by the user")
 public final class NioChannelOption<T> extends ChannelOption<T> {
 
-    private final java.net.SocketOption<T> option;
+    private final SocketOption<T> option;
 
     @SuppressWarnings("deprecation")
-    private NioChannelOption(java.net.SocketOption<T> option) {
+    private NioChannelOption(SocketOption<T> option) {
         super(option.name());
         this.option = option;
     }
@@ -44,24 +45,17 @@ private NioChannelOption(java.net.SocketOption<T> option) {
     /**
      * Returns a {@link ChannelOption} for the given {@link java.net.SocketOption}.
      */
-    public static <T> ChannelOption<T> of(java.net.SocketOption<T> option) {
+    public static <T> ChannelOption<T> of(SocketOption<T> option) {
         return new NioChannelOption<T>(option);
     }
 
-    // It's important to not use java.nio.channels.NetworkChannel as otherwise the classes that sometimes call this
-    // method may not be used on Java 6, as method linking can happen eagerly even if this method was not actually
-    // called at runtime.
-    //
-    // See https://github.com/netty/netty/issues/8166
-
     // Internal helper methods to remove code duplication between Nio*Channel implementations.
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     static <T> boolean setOption(Channel jdkChannel, NioChannelOption<T> option, T value) {
-        java.nio.channels.NetworkChannel channel = (java.nio.channels.NetworkChannel) jdkChannel;
+        NetworkChannel channel = (NetworkChannel) jdkChannel;
         if (!channel.supportedOptions().contains(option.option)) {
             return false;
         }
-        if (channel instanceof ServerSocketChannel && option.option == java.net.StandardSocketOptions.IP_TOS) {
+        if (channel instanceof ServerSocketChannel && option.option == StandardSocketOptions.IP_TOS) {
             // Skip IP_TOS as a workaround for a JDK bug:
             // See https://mail.openjdk.java.net/pipermail/nio-dev/2018-August/005365.html
             return false;
@@ -74,14 +68,13 @@ static <T> boolean setOption(Channel jdkChannel, NioChannelOption<T> option, T v
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     static <T> T getOption(Channel jdkChannel, NioChannelOption<T> option) {
-        java.nio.channels.NetworkChannel channel = (java.nio.channels.NetworkChannel) jdkChannel;
+        NetworkChannel channel = (NetworkChannel) jdkChannel;
 
         if (!channel.supportedOptions().contains(option.option)) {
             return null;
         }
-        if (channel instanceof ServerSocketChannel && option.option == java.net.StandardSocketOptions.IP_TOS) {
+        if (channel instanceof ServerSocketChannel && option.option == StandardSocketOptions.IP_TOS) {
             // Skip IP_TOS as a workaround for a JDK bug:
             // See https://mail.openjdk.java.net/pipermail/nio-dev/2018-August/005365.html
             return null;
@@ -93,16 +86,15 @@ static <T> T getOption(Channel jdkChannel, NioChannelOption<T> option) {
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     @SuppressWarnings("unchecked")
-    static ChannelOption[] getOptions(Channel jdkChannel) {
-        java.nio.channels.NetworkChannel channel = (java.nio.channels.NetworkChannel) jdkChannel;
-        Set<java.net.SocketOption<?>> supportedOpts = channel.supportedOptions();
+    static ChannelOption<?>[] getOptions(Channel jdkChannel) {
+        NetworkChannel channel = (NetworkChannel) jdkChannel;
+        Set<SocketOption<?>> supportedOpts = channel.supportedOptions();
 
         if (channel instanceof ServerSocketChannel) {
             List<ChannelOption<?>> extraOpts = new ArrayList<ChannelOption<?>>(supportedOpts.size());
-            for (java.net.SocketOption<?> opt : supportedOpts) {
-                if (opt == java.net.StandardSocketOptions.IP_TOS) {
+            for (SocketOption<?> opt : supportedOpts) {
+                if (opt == StandardSocketOptions.IP_TOS) {
                     // Skip IP_TOS as a workaround for a JDK bug:
                     // See https://mail.openjdk.java.net/pipermail/nio-dev/2018-August/005365.html
                     continue;
@@ -114,7 +106,7 @@ static ChannelOption[] getOptions(Channel jdkChannel) {
             ChannelOption<?>[] extraOpts = new ChannelOption[supportedOpts.size()];
 
             int i = 0;
-            for (java.net.SocketOption<?> opt : supportedOpts) {
+            for (SocketOption<?> opt : supportedOpts) {
                 extraOpts[i++] = new NioChannelOption(opt);
             }
             return extraOpts;
diff --git a/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannel.java b/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannel.java
index a361f3dc208..8dd70d522ea 100644
--- a/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannel.java
+++ b/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannel.java
@@ -32,10 +32,9 @@
 import io.netty.channel.socket.InternetProtocolFamily;
 import io.netty.util.UncheckedBooleanSupplier;
 import io.netty.util.internal.ObjectUtil;
-import io.netty.util.internal.SocketUtils;
 import io.netty.util.internal.PlatformDependent;
+import io.netty.util.internal.SocketUtils;
 import io.netty.util.internal.StringUtil;
-import io.netty.util.internal.SuppressJava6Requirement;
 
 import java.io.IOException;
 import java.net.InetAddress;
@@ -78,28 +77,25 @@ public final class NioDatagramChannel
 
     private Map<InetAddress, List<MembershipKey>> memberships;
 
+    /**
+     *  Use the {@link SelectorProvider} to open {@link DatagramChannel} and so remove condition in
+     *  {@link SelectorProvider#provider()} which is called by each DatagramChannel.open() otherwise.
+     * <p>
+     *  See <a href="https://github.com/netty/netty/issues/2308">#2308</a>.
+     */
     private static DatagramChannel newSocket(SelectorProvider provider) {
         try {
-            /**
-             *  Use the {@link SelectorProvider} to open {@link SocketChannel} and so remove condition in
-             *  {@link SelectorProvider#provider()} which is called by each DatagramChannel.open() otherwise.
-             *
-             *  See <a href="https://github.com/netty/netty/issues/2308">#2308</a>.
-             */
             return provider.openDatagramChannel();
         } catch (IOException e) {
             throw new ChannelException("Failed to open a socket.", e);
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     private static DatagramChannel newSocket(SelectorProvider provider, InternetProtocolFamily ipFamily) {
         if (ipFamily == null) {
             return newSocket(provider);
         }
 
-        checkJavaVersion();
-
         try {
             return provider.openDatagramChannel(ProtocolFamilyConverter.convert(ipFamily));
         } catch (IOException e) {
@@ -107,12 +103,6 @@ private static DatagramChannel newSocket(SelectorProvider provider, InternetProt
         }
     }
 
-    private static void checkJavaVersion() {
-        if (PlatformDependent.javaVersion() < 7) {
-            throw new UnsupportedOperationException("Only supported on java 7+.");
-        }
-    }
-
     /**
      * Create a new instance which will use the Operation Systems default {@link InternetProtocolFamily}.
      */
@@ -198,11 +188,7 @@ protected void doBind(SocketAddress localAddress) throws Exception {
     }
 
     private void doBind0(SocketAddress localAddress) throws Exception {
-        if (PlatformDependent.javaVersion() >= 7) {
-            SocketUtils.bind(javaChannel(), localAddress);
-        } else {
-            javaChannel().socket().bind(localAddress);
-        }
+        SocketUtils.bind(javaChannel(), localAddress);
     }
 
     @Override
@@ -410,14 +396,11 @@ public ChannelFuture joinGroup(
         return joinGroup(multicastAddress, networkInterface, source, newPromise());
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     @Override
     public ChannelFuture joinGroup(
             InetAddress multicastAddress, NetworkInterface networkInterface,
             InetAddress source, ChannelPromise promise) {
 
-        checkJavaVersion();
-
         ObjectUtil.checkNotNull(multicastAddress, "multicastAddress");
         ObjectUtil.checkNotNull(networkInterface, "networkInterface");
 
@@ -486,12 +469,10 @@ public ChannelFuture leaveGroup(
         return leaveGroup(multicastAddress, networkInterface, source, newPromise());
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     @Override
     public ChannelFuture leaveGroup(
             InetAddress multicastAddress, NetworkInterface networkInterface, InetAddress source,
             ChannelPromise promise) {
-        checkJavaVersion();
 
         ObjectUtil.checkNotNull(multicastAddress, "multicastAddress");
         ObjectUtil.checkNotNull(networkInterface, "networkInterface");
@@ -536,12 +517,10 @@ public ChannelFuture block(
     /**
      * Block the given sourceToBlock address for the given multicastAddress on the given networkInterface
      */
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     @Override
     public ChannelFuture block(
             InetAddress multicastAddress, NetworkInterface networkInterface,
             InetAddress sourceToBlock, ChannelPromise promise) {
-        checkJavaVersion();
 
         ObjectUtil.checkNotNull(multicastAddress, "multicastAddress");
         ObjectUtil.checkNotNull(sourceToBlock, "sourceToBlock");
diff --git a/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannelConfig.java b/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannelConfig.java
index 0c8fc66e35d..76efbbf25dd 100644
--- a/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannelConfig.java
+++ b/transport/src/main/java/io/netty/channel/socket/nio/NioDatagramChannelConfig.java
@@ -210,7 +210,7 @@ private void setOption0(Object option, Object value) {
 
     @Override
     public <T> boolean setOption(ChannelOption<T> option, T value) {
-        if (PlatformDependent.javaVersion() >= 7 && option instanceof NioChannelOption) {
+        if (option instanceof NioChannelOption) {
             return NioChannelOption.setOption(javaChannel, (NioChannelOption<T>) option, value);
         }
         return super.setOption(option, value);
@@ -218,18 +218,14 @@ public <T> boolean setOption(ChannelOption<T> option, T value) {
 
     @Override
     public <T> T getOption(ChannelOption<T> option) {
-        if (PlatformDependent.javaVersion() >= 7 && option instanceof NioChannelOption) {
+        if (option instanceof NioChannelOption) {
             return NioChannelOption.getOption(javaChannel, (NioChannelOption<T>) option);
         }
         return super.getOption(option);
     }
 
-    @SuppressWarnings("unchecked")
     @Override
     public Map<ChannelOption<?>, Object> getOptions() {
-        if (PlatformDependent.javaVersion() >= 7) {
-            return getOptions(super.getOptions(), NioChannelOption.getOptions(javaChannel));
-        }
-        return super.getOptions();
+        return getOptions(super.getOptions(), NioChannelOption.getOptions(javaChannel));
     }
 }
diff --git a/transport/src/main/java/io/netty/channel/socket/nio/NioServerSocketChannel.java b/transport/src/main/java/io/netty/channel/socket/nio/NioServerSocketChannel.java
index fdd4a9aea61..d5bb5230453 100644
--- a/transport/src/main/java/io/netty/channel/socket/nio/NioServerSocketChannel.java
+++ b/transport/src/main/java/io/netty/channel/socket/nio/NioServerSocketChannel.java
@@ -19,13 +19,11 @@
 import io.netty.channel.ChannelMetadata;
 import io.netty.channel.ChannelOption;
 import io.netty.channel.ChannelOutboundBuffer;
-import io.netty.channel.socket.InternetProtocolFamily;
-import io.netty.util.internal.SocketUtils;
 import io.netty.channel.nio.AbstractNioMessageChannel;
 import io.netty.channel.socket.DefaultServerSocketChannelConfig;
+import io.netty.channel.socket.InternetProtocolFamily;
 import io.netty.channel.socket.ServerSocketChannelConfig;
-import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
+import io.netty.util.internal.SocketUtils;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 
@@ -134,14 +132,9 @@ protected SocketAddress localAddress0() {
         return SocketUtils.localSocketAddress(javaChannel().socket());
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     @Override
     protected void doBind(SocketAddress localAddress) throws Exception {
-        if (PlatformDependent.javaVersion() >= 7) {
-            javaChannel().bind(localAddress, config.getBacklog());
-        } else {
-            javaChannel().socket().bind(localAddress, config.getBacklog());
-        }
+        javaChannel().bind(localAddress, config.getBacklog());
     }
 
     @Override
@@ -215,7 +208,7 @@ protected void autoReadCleared() {
 
         @Override
         public <T> boolean setOption(ChannelOption<T> option, T value) {
-            if (PlatformDependent.javaVersion() >= 7 && option instanceof NioChannelOption) {
+            if (option instanceof NioChannelOption) {
                 return NioChannelOption.setOption(jdkChannel(), (NioChannelOption<T>) option, value);
             }
             return super.setOption(option, value);
@@ -223,7 +216,7 @@ public <T> boolean setOption(ChannelOption<T> option, T value) {
 
         @Override
         public <T> T getOption(ChannelOption<T> option) {
-            if (PlatformDependent.javaVersion() >= 7 && option instanceof NioChannelOption) {
+            if (option instanceof NioChannelOption) {
                 return NioChannelOption.getOption(jdkChannel(), (NioChannelOption<T>) option);
             }
             return super.getOption(option);
@@ -231,10 +224,7 @@ public <T> T getOption(ChannelOption<T> option) {
 
         @Override
         public Map<ChannelOption<?>, Object> getOptions() {
-            if (PlatformDependent.javaVersion() >= 7) {
-                return getOptions(super.getOptions(), NioChannelOption.getOptions(jdkChannel()));
-            }
-            return super.getOptions();
+            return getOptions(super.getOptions(), NioChannelOption.getOptions(jdkChannel()));
         }
 
         private ServerSocketChannel jdkChannel() {
diff --git a/transport/src/main/java/io/netty/channel/socket/nio/NioSocketChannel.java b/transport/src/main/java/io/netty/channel/socket/nio/NioSocketChannel.java
index c76ed5bc00e..c1d1649ef82 100644
--- a/transport/src/main/java/io/netty/channel/socket/nio/NioSocketChannel.java
+++ b/transport/src/main/java/io/netty/channel/socket/nio/NioSocketChannel.java
@@ -32,9 +32,7 @@
 import io.netty.channel.socket.ServerSocketChannel;
 import io.netty.channel.socket.SocketChannelConfig;
 import io.netty.util.concurrent.GlobalEventExecutor;
-import io.netty.util.internal.PlatformDependent;
 import io.netty.util.internal.SocketUtils;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.UnstableApi;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
@@ -160,15 +158,10 @@ public InetSocketAddress remoteAddress() {
         return (InetSocketAddress) super.remoteAddress();
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     @UnstableApi
     @Override
     protected final void doShutdownOutput() throws Exception {
-        if (PlatformDependent.javaVersion() >= 7) {
-            javaChannel().shutdownOutput();
-        } else {
-            javaChannel().socket().shutdownOutput();
-        }
+        javaChannel().shutdownOutput();
     }
 
     @Override
@@ -279,13 +272,8 @@ private void shutdownInput0(final ChannelPromise promise) {
         }
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     private void shutdownInput0() throws Exception {
-        if (PlatformDependent.javaVersion() >= 7) {
-            javaChannel().shutdownInput();
-        } else {
-            javaChannel().socket().shutdownInput();
-        }
+        javaChannel().shutdownInput();
     }
 
     @Override
@@ -304,11 +292,7 @@ protected void doBind(SocketAddress localAddress) throws Exception {
     }
 
     private void doBind0(SocketAddress localAddress) throws Exception {
-        if (PlatformDependent.javaVersion() >= 7) {
-            SocketUtils.bind(javaChannel(), localAddress);
-        } else {
-            SocketUtils.bind(javaChannel().socket(), localAddress);
-        }
+        SocketUtils.bind(javaChannel(), localAddress);
     }
 
     @Override
@@ -492,7 +476,7 @@ public NioSocketChannelConfig setSendBufferSize(int sendBufferSize) {
 
         @Override
         public <T> boolean setOption(ChannelOption<T> option, T value) {
-            if (PlatformDependent.javaVersion() >= 7 && option instanceof NioChannelOption) {
+            if (option instanceof NioChannelOption) {
                 return NioChannelOption.setOption(jdkChannel(), (NioChannelOption<T>) option, value);
             }
             return super.setOption(option, value);
@@ -500,7 +484,7 @@ public <T> boolean setOption(ChannelOption<T> option, T value) {
 
         @Override
         public <T> T getOption(ChannelOption<T> option) {
-            if (PlatformDependent.javaVersion() >= 7 && option instanceof NioChannelOption) {
+            if (option instanceof NioChannelOption) {
                 return NioChannelOption.getOption(jdkChannel(), (NioChannelOption<T>) option);
             }
             return super.getOption(option);
@@ -508,10 +492,7 @@ public <T> T getOption(ChannelOption<T> option) {
 
         @Override
         public Map<ChannelOption<?>, Object> getOptions() {
-            if (PlatformDependent.javaVersion() >= 7) {
-                return getOptions(super.getOptions(), NioChannelOption.getOptions(jdkChannel()));
-            }
-            return super.getOptions();
+            return getOptions(super.getOptions(), NioChannelOption.getOptions(jdkChannel()));
         }
 
         void setMaxBytesPerGatheringWrite(int maxBytesPerGatheringWrite) {
diff --git a/transport/src/main/java/io/netty/channel/socket/nio/ProtocolFamilyConverter.java b/transport/src/main/java/io/netty/channel/socket/nio/ProtocolFamilyConverter.java
index 527b4eb9486..c5f8499d271 100644
--- a/transport/src/main/java/io/netty/channel/socket/nio/ProtocolFamilyConverter.java
+++ b/transport/src/main/java/io/netty/channel/socket/nio/ProtocolFamilyConverter.java
@@ -16,7 +16,6 @@
 package io.netty.channel.socket.nio;
 
 import io.netty.channel.socket.InternetProtocolFamily;
-import io.netty.util.internal.SuppressJava6Requirement;
 
 import java.net.ProtocolFamily;
 import java.net.StandardProtocolFamily;
@@ -33,7 +32,6 @@ private ProtocolFamilyConverter() {
     /**
      * Convert the {@link InternetProtocolFamily}. This MUST only be called on jdk version >= 7.
      */
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     public static ProtocolFamily convert(InternetProtocolFamily family) {
         switch (family) {
         case IPv4:
diff --git a/transport/src/main/java/io/netty/channel/socket/nio/SelectorProviderUtil.java b/transport/src/main/java/io/netty/channel/socket/nio/SelectorProviderUtil.java
index f6fc27973fe..e0a56839fd6 100644
--- a/transport/src/main/java/io/netty/channel/socket/nio/SelectorProviderUtil.java
+++ b/transport/src/main/java/io/netty/channel/socket/nio/SelectorProviderUtil.java
@@ -17,7 +17,6 @@
 
 import io.netty.channel.socket.InternetProtocolFamily;
 import io.netty.util.internal.PlatformDependent;
-import io.netty.util.internal.SuppressJava6Requirement;
 import io.netty.util.internal.logging.InternalLogger;
 import io.netty.util.internal.logging.InternalLoggerFactory;
 
@@ -32,7 +31,6 @@
 final class SelectorProviderUtil {
     private static final InternalLogger logger = InternalLoggerFactory.getInstance(SelectorProviderUtil.class);
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     static Method findOpenMethod(String methodName) {
         if (PlatformDependent.javaVersion() >= 15) {
             try {
@@ -44,15 +42,14 @@ static Method findOpenMethod(String methodName) {
         return null;
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
+    /**
+     * Use the {@link SelectorProvider} to open {@link SocketChannel} and so remove condition in
+     * {@link SelectorProvider#provider()} which is called by each SocketChannel.open() otherwise.
+     * <p>
+     * See <a href="https://github.com/netty/netty/issues/2308">#2308</a>.
+     */
     private static <C extends Channel> C newChannel(Method method, SelectorProvider provider,
-                                            Object family) throws IOException {
-        /**
-         *  Use the {@link SelectorProvider} to open {@link SocketChannel} and so remove condition in
-         *  {@link SelectorProvider#provider()} which is called by each SocketChannel.open() otherwise.
-         *
-         *  See <a href="https://github.com/netty/netty/issues/2308">#2308</a>.
-         */
+                                                    Object family) throws IOException {
         if (family != null && method != null) {
             try {
                 @SuppressWarnings("unchecked")
@@ -67,7 +64,6 @@ private static <C extends Channel> C newChannel(Method method, SelectorProvider
         return null;
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     static <C extends Channel> C newChannel(Method method, SelectorProvider provider,
                                                     InternetProtocolFamily family) throws IOException {
         if (family != null) {
@@ -76,7 +72,6 @@ static <C extends Channel> C newChannel(Method method, SelectorProvider provider
         return null;
     }
 
-    @SuppressJava6Requirement(reason = "Usage guarded by java version check")
     static <C extends Channel> C newDomainSocketChannel(Method method, SelectorProvider provider) throws IOException {
         return newChannel(method, provider, StandardProtocolFamily.valueOf("UNIX"));
     }