[
https://issues.apache.org/jira/browse/KNOX-3276?focusedWorklogId=1009500&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1009500
]
ASF GitHub Bot logged work on KNOX-3276:
----------------------------------------
Author: ASF GitHub Bot
Created on: 13/Mar/26 08:13
Start Date: 13/Mar/26 08:13
Worklog Time Spent: 10m
Work Description: smolnar82 opened a new pull request, #1176:
URL: https://github.com/apache/knox/pull/1176
[KNOX-3276:](https://issues.apache.org/jira/browse/KNOX-3276) - Fixed a bug
while setting SSL protocols
## What changes were proposed in this pull request?
#1175 introduced new configuration to control CM client SSL configs.
Unfortunately a bug sneaked in while configuring TLS protcols in
`org.apache.knox.gateway.topology.discovery.cm.DiscoveryApiClient#configureSslProtocols`:
I used the `connectionSpecBuilder.cipherSuites` instead of
`connectionSpecBuilder.tlsVersions`
This PR fixes that bug and extends existing unit tests to cover the SSL
settings too.
## How was this patch tested?
Extended and ran existing unit tests.
## Integration Tests
N/A
## UI changes
N/A
Issue Time Tracking
-------------------
Worklog Id: (was: 1009500)
Time Spent: 50m (was: 40m)
> Add new config that controls TLS settings in CM client
> ------------------------------------------------------
>
> Key: KNOX-3276
> URL: https://issues.apache.org/jira/browse/KNOX-3276
> Project: Apache Knox
> Issue Type: Task
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 3.0.0
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> As of today, Knox uses its own server-side TLS configuration inĀ
> DiscoveryApiClient when it comes to configuring SSL between Knox and CM.
> However, this might not overlap and CM uses a separate set of TLS
> ciphers/protocols. To address that, we will need to add new configs to
> control the SSL settings within the CM API client.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
