[
https://issues.apache.org/jira/browse/OOZIE-2756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15797898#comment-15797898
]
Peter Cseh commented on OOZIE-2756:
-----------------------------------
Thanks for the patch [~asasvari]!
I think the default value verifications in {{TestSSLServerConnectorFactory}}
are not correct, because they are not testing the contents of
{{oozie-defaul.xml}}, but the values set in the {{setUp}} method.
The other thing is, that the default value for the
{{oozie.https.truststore.pass}} in {{oozie-default.xml}} is"cloudera". It
should be empty, can you also change that?
> Extend HTTPS configuration settings for embedded Jetty
> ------------------------------------------------------
>
> Key: OOZIE-2756
> URL: https://issues.apache.org/jira/browse/OOZIE-2756
> Project: Oozie
> Issue Type: Improvement
> Reporter: Attila Sasvari
> Assignee: Attila Sasvari
> Attachments: OOZIE-2756-01.patch
>
>
> Regarding HTTPS settings, currently Oozie only support
> {{oozie.https.include.protocols}} and {{oozie.https.exclude.cipher.suites}}
> (introduced by OOZIE-2666).
> However, Jetty SslContextFactory supports the following configurations:
> * excludeProtocols
> * includeProtocols
> * excludeCipherSuites
> * includeCipherSuites
> To have more control over employed protocols and cipher suites, we should
> extend current implementation to allow users to configure
> {{excludeProtocols}} and {{includeCipherSuites}}. Sensible defaults are also
> needed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
