PDavid commented on code in PR #2359: URL: https://github.com/apache/zookeeper/pull/2359#discussion_r2913584280
########## zookeeper-docs/src/main/resources/markdown/zookeeperAdmin.md: ########## @@ -2188,6 +2188,19 @@ Both subsystems need to have sufficient amount of threads to achieve peak read t #### AdminServer configuration +**New in 3.10.0:** The following +options are used to configure the [AdminServer](#sc_adminserver). + +* *admin.ssl.ciphersuites* : + (Java system property: **zookeeper.admin.ssl.ciphersuites**) + The enabled cipher suites to be used in TLS negotiation for AdminServer. + Default: JDK defaults. + +* *admin.ssl.enabledProtocols* : + (Java system property: **zookeeper.admin.ssl.enabledProtocols**) + The enabled protocols to be used in TLS negotiation for AdminServer. + Default: TLSv1.3 if it is supported by the JDK, otherwise TLSv1.2. Review Comment: Do you think these defaults are good or should we just skip setting cipher suites and TLS protocol version on `SslContextFactory.Server` so that Jetty defaults are used? What do you all think? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
