Default to allowing TLS v1.1 + v1.2

commit: 00232edfe4d29eaf45f84fba6273c1ad1b8a282b [log] [tgz]
author: Colm O hEigeartaigh <coheigea@apache.org> Thu Nov 28 12:02:34 2019 +0000
committer: Colm O hEigeartaigh <coheigea@apache.org> Thu Nov 28 12:02:34 2019 +0000
tree: c5d31d634df8342d57cd0b6f56b5573392cee113
parent: 780b79390704325865eabdae52f2cb832df27239 [diff]
diff --git a/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java b/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java
index bfec17d..2067e66 100644
--- a/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java
+++ b/has-project/has-common/src/main/java/org/apache/kerby/has/common/ssl/SSLFactory.java

@@ -76,7 +76,6 @@
 
   public static final String SSL_ENABLED_PROTOCOLS =
       "hadoop.ssl.enabled.protocols";
-  public static final String DEFAULT_SSL_ENABLED_PROTOCOLS = "TLSv1";
 
   private HasConfig conf;
   private Mode mode;
@@ -108,7 +107,7 @@
     keystoresFactory = new KeyStoresFactory();
     keystoresFactory.setConf(sslConf);
 
-    enabledProtocols = new String[] {DEFAULT_SSL_ENABLED_PROTOCOLS};
+    enabledProtocols = new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"};
   }
 
   private HasConfig readSSLConfiguration(Mode mode) throws HasException {
commit	00232edfe4d29eaf45f84fba6273c1ad1b8a282b	[log] [tgz]
author	Colm O hEigeartaigh <coheigea@apache.org>	Thu Nov 28 12:02:34 2019 +0000
committer	Colm O hEigeartaigh <coheigea@apache.org>	Thu Nov 28 12:02:34 2019 +0000
tree	c5d31d634df8342d57cd0b6f56b5573392cee113
parent	780b79390704325865eabdae52f2cb832df27239 [diff]