Description
In Oracle Linux 6.8 configurations, the curl command cannot connect to certain CDH services that run on Apache Tomcat when the cluster has been configured for TLS/SSL. Specifically, HttpFS, KMS, Oozie, and Solr services reject connection attempts because the default cipher configuration uses weak temporary server keys (based on Diffie-Hellman key exchange protocol).
Attachments
Attachments
Issue Links
- depends upon
-
HADOOP-14083 KMS should support old SSL clients
- Resolved
- is related to
-
HDFS-11816 Update default SSL cipher list for HttpFS
- Resolved