WillemJiang commented on a change in pull request #593: [SCB-1593] Use Netty native transport improve performance URL: https://github.com/apache/servicecomb-pack/pull/593#discussion_r346757404
########## File path: alpha/alpha-server/src/main/resources/ssl.properties ########## @@ -13,5 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -ciphers = ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-SHA256 +# Netty support ssl with boringssl https://github.com/google/boringssl +# Boringssl support ciphers https://github.com/google/boringssl/blob/master/ssl/ssl_cipher.cc +# +# Notice: +# Boringssl remove legacy SHA-2 CBC ciphers. https://github.com/google/boringssl/commit/6e678eeb6e76171712ae00d467321b6fe196152d + +ciphers = ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384 Review comment: OK ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
