Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-11418

HttpFS should support old SSL clients

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.8.0, 2.7.4, 2.6.6
    • Fix Version/s: 2.9.0
    • Component/s: httpfs
    • Labels:
      None
    • Target Version/s:

      Description

      HADOOP-13812 upgraded Tomcat to 6.0.48 which filters weak ciphers. Old SSL clients such as curl stop working. The symptom is NSS error -12286 when running curl -v.

      Instead of forcing the SSL clients to upgrade, we can configure Tomcat to explicitly allow enough weak ciphers so that old SSL clients can work.

        Attachments

        1. HDFS-11418.branch-2.001.patch
          5 kB
          John Zhuge
        2. HDFS-11418.branch-2.002.patch
          15 kB
          John Zhuge
        3. HDFS-11418.branch-2.003.patch
          15 kB
          John Zhuge

          Issue Links

            Activity

              People

              • Assignee:
                jzhuge John Zhuge
                Reporter:
                jzhuge John Zhuge
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: