In Oracle Linux 6.8 configurations, the curl command cannot connect to certain CDH services that run on Apache Tomcat when the cluster has been configured for TLS/SSL. Specifically, HttpFS, KMS, Oozie, and Solr services reject connection attempts because the default cipher configuration uses weak temporary server keys (based on Diffie-Hellman key exchange protocol).
- depends upon
HDFS-11418 HttpFS should support old SSL clients
- relates to
HADOOP-14417 Update default SSL cipher list for KMS