hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Zhuge (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HADOOP-14083) KMS should support old SSL clients
Date Thu, 23 Feb 2017 18:33:44 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-14083?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15880983#comment-15880983

John Zhuge edited comment on HADOOP-14083 at 2/23/17 6:33 PM:

KMS_SILENT changes do not apply to trunk because kms.sh has been re-written and kms-config.sh
removed in trunk.

was (Author: jzhuge):
KMS_SILENT changes will not apply to trunk because kms.sh has been re-written and kms-config.sh

> KMS should support old SSL clients
> ----------------------------------
>                 Key: HADOOP-14083
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14083
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>    Affects Versions: 2.8.0, 2.7.4, 2.6.6
>            Reporter: John Zhuge
>            Assignee: John Zhuge
>            Priority: Minor
>         Attachments: HADOOP-14083.branch-2.001.patch, HADOOP-14083.branch-2.002.patch
> HADOOP-13812 upgraded Tomcat to 6.0.48 which filters weak ciphers. Old SSL clients such
as curl stop working. The symptom is {{NSS error -12286}} when running {{curl -v}}.
> Instead of forcing the SSL clients to upgrade, we can configure Tomcat to explicitly
allow enough weak ciphers so that old SSL clients can work.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org

View raw message