Hi Wanghui, quoting your reply here since it went only to me instead of the mailing list as well:
Hi Nico: > > Thank you for your reply. > > I configured security.ssl.algorithms in flink-conf.yaml, but it > seems to work only for SSL connections to internal services. > > The red part in the figure does not take effect. > > Best regards, > > WangHui > You are right, in SSLUtils#createRestNettySSLContext, ciphers are not considered (as opposed to SSLUtils#createInternalNettySSLContext) - corresponding to your observation that it works for internal, but not external communication. Adding Nico (another one) to the loop here, who may know more about whether there is a reason for this or whether this is a bug. Best regards, Nico On Tue, Jul 6, 2021 at 5:28 PM Nicolaus Weidner < nicolaus.weid...@data-artisans.com> wrote: > Hi Wanghui, > > if I understand correctly, you are looking for the config option > security.ssl.algorithms [1]? > > Best regards, > Nico > > [1] > https://ci.apache.org/projects/flink/flink-docs-release-1.13/docs/deployment/security/security-ssl/#cipher-suites > > On Tue, Jul 6, 2021 at 3:46 AM Wanghui (HiCampus) <wanghu...@huawei.com> > wrote: > >> Hi all: >> >> How Do I Specify the Encryption Algorithm Suite of the REST Service After >> the SSL Option Is Enabled for Flink? >> >> >> >> *王辉 (WangHui)* >> >> 智慧园区解决方案部 [云与计算BG] >> >> 华为技术有限公司 >> >> Tel : +86 15940836304 >> >> Email : *wanghu...@huawei.com <wanghu...@huawei.com>* >> >> >> This e-mail and its attachments contain confidential information from >> HUAWEI, which is intended only for the person or entity whose address is >> listed above. Any use of the information contained herein in any way >> (including, but not limited to, total or partial disclosure, reproduction, >> or dissemination) by persons other than the intended recipient(s) is >> prohibited. If you receive this e-mail in error, please notify the sender >> by phone or email immediately and delete it! >> >> >> >
