Github user ivmaykov commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/184#discussion_r195517105 --- Diff: src/java/main/org/apache/zookeeper/common/X509Util.java --- @@ -79,7 +91,7 @@ public X509Util() { String cipherSuitesInput = System.getProperty(cipherSuitesProperty); if (cipherSuitesInput == null) { - cipherSuites = null; + cipherSuites = getDefaultCipherSuites(); --- End diff -- Should we also intersect the selected cipher suites with enabled cipher suites (after this if/else so it covers both branches)? I'm not an expert on Java SSL APIs so I'm not sure if it's necessary. Maybe @dain or @electrum can chime in.
---