Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16000

Remove TLSv1 and SSLv2Hello from the default value of hadoop.ssl.enabled.protocols

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.3.0
    • security
    • None
    • Incompatible change, Reviewed
    • TLSv1 and SSLv2Hello were removed from the default value of "hadoop.ssl.enabled.protocols".

    Description

      core-default.xml
        public static final String SSL_ENABLED_PROTOCOLS_DEFAULT =
            "TLSv1,SSLv2Hello,TLSv1.1,TLSv1.2";
      

      TLSv1 and SSLv2Hello are considered to be vulnerable. Let's remove these by default.

      Attachments

        1. HADOOP-16000.002.patch
          2 kB
          Gabor Bota
        2. HADOOP-16000.001.patch
          2 kB
          Gabor Bota

        Issue Links

          Activity

            People

              gabor.bota Gabor Bota
              aajisaka Akira Ajisaka
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: