SSL: Added more default ciphers

Original commit: elastic/x-pack-elasticsearch@c419eccec2
2025-02-17 18:35:25 +00:00 · 2014-10-01 11:03:08 +02:00 · 2014-10-01 11:03:08 +02:00 · f5589cffb2
commit f5589cffb2
parent 637a9e773c
1 changed files with 1 additions and 2 deletions
--- a/src/main/java/org/elasticsearch/shield/transport/ssl/SSLConfig.java
+++ b/src/main/java/org/elasticsearch/shield/transport/ssl/SSLConfig.java
@ -22,8 +22,7 @@ import java.util.Arrays;
 public class SSLConfig {

    private static final ESLogger logger = Loggers.getLogger(SSLConfig.class);
-    // TODO removing the second one results in fails, need to verify the differences, maybe per JVM?
-    static final String[] DEFAULT_CIPHERS = new String[] { "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA" };
+    static final String[] DEFAULT_CIPHERS = new String[] { "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" };
    private final boolean clientAuth;

    private SSLContext sslContext;