This is an automated email from the ASF dual-hosted git repository. ningjiang pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/servicecomb-pack.git
commit 1a6e594381c6b55f74449468bfc8fdb5afd2cdbd Author: Lei Zhang <[email protected]> AuthorDate: Fri Nov 15 15:45:55 2019 +0800 SCB-1593 Remove ECDHE-ECDSA-AES128-SHA256 ciphers. https://github.com/google/boringssl/commit/6e678eeb6e76171712ae00d467321b6fe196152d --- alpha/alpha-server/src/main/resources/ssl.properties | 2 +- .../servicecomb/pack/alpha/server/AlphaIntegrationWithSSLTest.java | 3 +-- .../omega-connector-grpc/src/main/resources/ssl.properties | 2 +- .../omega/connector/grpc/saga/SagaLoadBalanceSenderWithTLSTest.java | 3 +-- 4 files changed, 4 insertions(+), 6 deletions(-) diff --git a/alpha/alpha-server/src/main/resources/ssl.properties b/alpha/alpha-server/src/main/resources/ssl.properties index dccd4c8..ff3c214 100644 --- a/alpha/alpha-server/src/main/resources/ssl.properties +++ b/alpha/alpha-server/src/main/resources/ssl.properties @@ -13,5 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -ciphers = ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-SHA256 +ciphers = ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384 protocols = TLSv1.2 diff --git a/alpha/alpha-server/src/test/java/org/apache/servicecomb/pack/alpha/server/AlphaIntegrationWithSSLTest.java b/alpha/alpha-server/src/test/java/org/apache/servicecomb/pack/alpha/server/AlphaIntegrationWithSSLTest.java index a3b0dfb..140238e 100644 --- a/alpha/alpha-server/src/test/java/org/apache/servicecomb/pack/alpha/server/AlphaIntegrationWithSSLTest.java +++ b/alpha/alpha-server/src/test/java/org/apache/servicecomb/pack/alpha/server/AlphaIntegrationWithSSLTest.java @@ -60,8 +60,7 @@ public class AlphaIntegrationWithSSLTest extends AlphaIntegrationTest { sslContext = GrpcSslContexts.forClient().sslProvider(SslProvider.OPENSSL) .protocols("TLSv1.2","TLSv1.1") .ciphers(Arrays.asList("ECDHE-RSA-AES128-GCM-SHA256", - "ECDHE-RSA-AES256-GCM-SHA384", - "ECDHE-ECDSA-AES128-SHA256")) + "ECDHE-RSA-AES256-GCM-SHA384")) .trustManager(new File(classLoader.getResource("ca.crt").getFile())) .keyManager(new File(classLoader.getResource("client.crt").getFile()), new File(classLoader.getResource("client.pem").getFile())).build(); diff --git a/omega/omega-connector/omega-connector-grpc/src/main/resources/ssl.properties b/omega/omega-connector/omega-connector-grpc/src/main/resources/ssl.properties index dccd4c8..ff3c214 100644 --- a/omega/omega-connector/omega-connector-grpc/src/main/resources/ssl.properties +++ b/omega/omega-connector/omega-connector-grpc/src/main/resources/ssl.properties @@ -13,5 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -ciphers = ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-SHA256 +ciphers = ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384 protocols = TLSv1.2 diff --git a/omega/omega-connector/omega-connector-grpc/src/test/java/org/apache/servicecomb/pack/omega/connector/grpc/saga/SagaLoadBalanceSenderWithTLSTest.java b/omega/omega-connector/omega-connector-grpc/src/test/java/org/apache/servicecomb/pack/omega/connector/grpc/saga/SagaLoadBalanceSenderWithTLSTest.java index 8007f19..6873661 100644 --- a/omega/omega-connector/omega-connector-grpc/src/test/java/org/apache/servicecomb/pack/omega/connector/grpc/saga/SagaLoadBalanceSenderWithTLSTest.java +++ b/omega/omega-connector/omega-connector-grpc/src/test/java/org/apache/servicecomb/pack/omega/connector/grpc/saga/SagaLoadBalanceSenderWithTLSTest.java @@ -107,8 +107,7 @@ public class SagaLoadBalanceSenderWithTLSTest extends SagaLoadBalancedSenderTest new File(classLoader.getResource("server.pem").getFile())) .protocols("TLSv1.2","TLSv1.1") .ciphers(Arrays.asList("ECDHE-RSA-AES128-GCM-SHA256", - "ECDHE-RSA-AES256-GCM-SHA384", - "ECDHE-ECDSA-AES128-SHA256")); + "ECDHE-RSA-AES256-GCM-SHA384")); sslClientContextBuilder.trustManager(new File(classLoader.getResource("client.crt").getFile())); sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
