Bence Kosztolnik created HADOOP-19546:
-----------------------------------------
Summary: Include cipher feature for HttpServer2 and SSLFactory
Key: HADOOP-19546
URL: https://issues.apache.org/jira/browse/HADOOP-19546
Project: Hadoop Common
Issue Type: Improvement
Components: hadoop-common, hdfs, yarn
Affects Versions: 3.4.1
Reporter: Bence Kosztolnik
Assignee: Bence Kosztolnik
Currently, we have a feature to exclude weak ciphers from *HttpServer2* and
*SSLFactory* using the *ssl.server.exclude.cipher.list property*.
With this feature, we can also define an inclusion list of ciphers using the
*ssl.server.include.cipher.list property*.
If the inclusion list is populated, any cipher not present in the list will not
be allowed.
If a cipher is present in both the exclusion and inclusion lists, it will be
excluded.
Note that SSLFactory does not support regex-based cipher patterns, unlike
HttpServer2.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org
