-
Type:
Improvement
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 3.3.0
-
Component/s: security
-
Labels:None
-
Target Version/s:
-
Hadoop Flags:Incompatible change, Reviewed
-
Release Note:TLSv1 and SSLv2Hello were removed from the default value of "hadoop.ssl.enabled.protocols".
core-default.xml
public static final String SSL_ENABLED_PROTOCOLS_DEFAULT = "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
TLSv1 and SSLv2Hello are considered to be vulnerable. Let's remove these by default.
- is related to
-
HADOOP-15169 "hadoop.ssl.enabled.protocols" should be considered in httpserver2
-
- Resolved
-
-
HADOOP-16549 Remove Unsupported SSL/TLS Versions from Docs/Properties
-
- Resolved
-
- relates to
-
HADOOP-11243 SSLFactory shouldn't allow SSLv3
-
- Closed
-
-
HADOOP-12817 Enable TLS v1.1 and 1.2
-
- Resolved
-