This is an automated email from the ASF dual-hosted git repository.
bstoyanov pushed a commit to branch 4.11
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.11 by this push:
new 6e51bde client: don't disable TLSv1, TLSv1.1 by default that breaks
VMware env
new c4b06ff Merge pull request #3238 from shapeblue/tls-vmware-issue-fix
6e51bde is described below
commit 6e51bde2285f71f3a5f54feb6c4f715391adffb3
Author: Rohit Yadav <[email protected]>
AuthorDate: Tue Mar 26 18:15:20 2019 +0530
client: don't disable TLSv1, TLSv1.1 by default that breaks VMware env
This fixes the issue that TLSv1 and TLSv1.1 are still used by CloudStack
management server to communicate with VMware vCenter server. With the
current defaults, the setup/deployment on VMware fails. Users/admins
can however setup the security file according to their env needs to
disable TLSv1 and TLSv1.1 for server sockets (8250/agent service for
example).
Signed-off-by: Rohit Yadav <[email protected]>
---
client/conf/java.security.ciphers.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/client/conf/java.security.ciphers.in
b/client/conf/java.security.ciphers.in
index 6e7620e..036488f 100644
--- a/client/conf/java.security.ciphers.in
+++ b/client/conf/java.security.ciphers.in
@@ -15,4 +15,4 @@
# specific language governing permissions and limitations
# under the License.
-jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1, TLSv1.1, DH keySize <
128, RSA keySize < 128, DES keySize < 128, SHA1 keySize < 128, MD5 keySize <
128, RC4
+jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, DH keySize < 128, RSA keySize <
128, DES keySize < 128, SHA1 keySize < 128, MD5 keySize < 128, RC4
