HADOOP-16000. Remove TLSv1 and SSLv2Hello from the default value of hadoop.ssl.enabled.protocols

Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
This commit is contained in:
Gabor Bota 2018-12-12 07:28:35 +01:00 committed by Akira Ajisaka
parent 26e55d4ceb
commit 1ea29b7385
No known key found for this signature in database
GPG Key ID: C1EDBB9CA400FD50
2 changed files with 4 additions and 3 deletions

View File

@ -72,7 +72,7 @@ public class SSLFactory implements ConnectionConfigurator {
public static final String SSL_ENABLED_PROTOCOLS_KEY =
"hadoop.ssl.enabled.protocols";
public static final String SSL_ENABLED_PROTOCOLS_DEFAULT =
"TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
"TLSv1.1,TLSv1.2";
public static final String SSL_SERVER_NEED_CLIENT_AUTH =
"ssl.server.need.client.auth";

View File

@ -2417,9 +2417,10 @@
<property>
<name>hadoop.ssl.enabled.protocols</name>
<value>TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2</value>
<value>TLSv1.1,TLSv1.2</value>
<description>
The supported SSL protocols.
The supported SSL protocols. The parameter will only used from
DatanodeHttpServer.
</description>
</property>