Default to allowing TLS v1.1 + v1.2
diff --git a/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java b/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java
index bfec17d..2067e66 100644
--- a/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java
+++ b/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java
@@ -76,7 +76,6 @@
public static final String SSL_ENABLED_PROTOCOLS =
"hadoop.ssl.enabled.protocols";
- public static final String DEFAULT_SSL_ENABLED_PROTOCOLS = "TLSv1";
private HasConfig conf;
private Mode mode;
@@ -108,7 +107,7 @@
keystoresFactory = new KeyStoresFactory();
keystoresFactory.setConf(sslConf);
- enabledProtocols = new String[] {DEFAULT_SSL_ENABLED_PROTOCOLS};
+ enabledProtocols = new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"};
}
private HasConfig readSSLConfiguration(Mode mode) throws HasException {