Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.4.2
-
None
Description
The current default cipher suite TLS_RSA_WITH_AES_128_CBC_SHA is no longer recommended.
RFC 7525 [1] recommends to use the following cipher suites only:
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Attachments
Issue Links
- relates to
-
FLINK-9437 Revert cypher suite update
- Closed
- links to