We should re-enable "SSLv2Hello", which is required for older clients (e.g. Java 6 with openssl 0.9.8x) so they can't connect without it. Just to be clear, it does not mean SSLv2, which is insecure.
I couldn't simply do an addendum patch on
HDFS-7274 because it's already been closed.