[ https://issues.apache.org/jira/browse/NUTCH-3030?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17826038#comment-17826038 ]
Hudson commented on NUTCH-3030: ------------------------------- SUCCESS: Integrated in Jenkins build Nutch ยป Nutch-trunk #148 (See [https://ci-builds.apache.org/job/Nutch/job/Nutch-trunk/148/]) NUTCH-3030 Use system default cipher suites instead of hard-coded set (markus: [https://github.com/apache/nutch/commit/551c50b1caac27ae65f25517de5b202b314fef0e]) * (edit) src/plugin/lib-http/src/java/org/apache/nutch/protocol/http/api/HttpBase.java > Use system default cipher suites instead of hard-coded set > ---------------------------------------------------------- > > Key: NUTCH-3030 > URL: https://issues.apache.org/jira/browse/NUTCH-3030 > Project: Nutch > Issue Type: Improvement > Affects Versions: 1.19 > Reporter: Martin Djukanovic > Assignee: Markus Jelsma > Priority: Minor > Attachments: NUTCH-3030.patch, default_ciphers_and_protocols-2.patch > > > If http.tls.supported.cipher.suites is not set in the configuration, it > defaults to a hard-coded list which is not exhaustive enough. I have > encountered websites that exclusively use ciphers which are not included, so > they could not be handled by protocol-http. > I changed this list to the system default -- SSLSocketFactory's > .getDefaultCipherSuites() to be precise. One could also use > .getSupportedCipherSuites() here, I suppose. > The original list should be moved to nutch-default.xml or omitted altogether. > The protocol list is still hard-coded, but it is now also added to > nutch-default.xml (so it can be easily changed manually if needed). -- This message was sent by Atlassian Jira (v8.20.10#820010)