diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt
index 31c65b58370..243735926a5 100644
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -71,6 +71,9 @@ Release 0.23.3 - UNRELEASED
     HADOOP-8142. Update versions from 0.23.2 to 0.23.3 in the build files.
     (szetszwo)
 
+    HADOOP-8141. Add method to SecurityUtil to init krb5 cipher suites.
+    (todd)
+
   OPTIMIZATIONS
 
   BUG FIXES
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Krb5AndCertsSslSocketConnector.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Krb5AndCertsSslSocketConnector.java
index c8be9fd7118..625cad52d35 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Krb5AndCertsSslSocketConnector.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Krb5AndCertsSslSocketConnector.java
@@ -58,7 +58,7 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
     Collections.unmodifiableList(Collections.singletonList(
           "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"));
   static {
-    System.setProperty("https.cipherSuites", KRB5_CIPHER_SUITES.get(0));
+    SecurityUtil.initKrb5CipherSuites();
   }
   
   private static final Log LOG = LogFactory
diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
index 26858874649..31895624f00 100644
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java
@@ -598,4 +598,11 @@ public class SecurityUtil {
       searchDomains = Arrays.asList(domains);
     }
   }  
+
+  public static void initKrb5CipherSuites() {
+    if (UserGroupInformation.isSecurityEnabled()) {
+      System.setProperty("https.cipherSuites",
+          Krb5AndCertsSslSocketConnector.KRB5_CIPHER_SUITES.get(0));
+    }
+  }
 }