HADOOP-11217. (Addendum to allow SSLv2Hello) Disable SSLv3 in KMS. (Robert Kanter via kasha)
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/87818ef4 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/87818ef4 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/87818ef4 Branch: refs/heads/HDFS-EC Commit: 87818ef4e7c1a49dc3b0d6766cceb3499b07b837 Parents: b0a9cd3 Author: Karthik Kambatla <[email protected]> Authored: Wed Nov 12 18:39:03 2014 -0800 Committer: Karthik Kambatla <[email protected]> Committed: Wed Nov 12 18:39:03 2014 -0800 ---------------------------------------------------------------------- hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/87818ef4/hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml b/hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml index 531ad15..5215ded 100644 --- a/hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml +++ b/hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml @@ -70,7 +70,7 @@ described in the APR documentation --> <Connector port="${kms.http.port}" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="${kms.max.threads}" scheme="https" secure="true" - clientAuth="false" sslEnabledProtocols="TLSv1" + clientAuth="false" sslEnabledProtocols="TLSv1,SSLv2Hello" keystoreFile="${kms.ssl.keystore.file}" keystorePass="${kms.ssl.keystore.pass}"/>
