[ https://issues.apache.org/jira/browse/DRILL-5643?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sorabh Hamirwasia reassigned DRILL-5643: ---------------------------------------- Assignee: Sindhuri Ramanarayan Rayavaram > Provide a way to configure excluded list of protocols and ciphers to be used > by WebServer > ----------------------------------------------------------------------------------------- > > Key: DRILL-5643 > URL: https://issues.apache.org/jira/browse/DRILL-5643 > Project: Apache Drill > Issue Type: Improvement > Components: Web Server > Affects Versions: 1.11.0 > Reporter: Sorabh Hamirwasia > Assignee: Sindhuri Ramanarayan Rayavaram > > Drill's WebServer uses the default protocol for TLS which is TLSv1 and > default list of cipher suites when SSL is enabled. This task is to add > capability to configure list of protocols / cipher to exclude from being used > by WebServer. > *Supported Protocols:* > enabledProtocols = {ProtocolList@6589} "[SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]” > *Selected Protocol Version:* > protocolVersion = {ProtocolVersion@6566} "TLSv1" > *Cipher Suites:* > cipherSuites = {ArrayList@6755} size = 36 > 0 = {CipherSuite@6607} "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" > 1 = {CipherSuite@6608} "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" > 2 = {CipherSuite@6609} "TLS_RSA_WITH_AES_256_CBC_SHA256" > 3 = {CipherSuite@6610} "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" > 4 = {CipherSuite@6611} "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" > 5 = {CipherSuite@6612} "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" > 6 = {CipherSuite@6613} "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" > 7 = {CipherSuite@6614} "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" > 8 = {CipherSuite@6615} "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" > 9 = {CipherSuite@6616} "TLS_RSA_WITH_AES_256_CBC_SHA" > 10 = {CipherSuite@6617} "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" > 11 = {CipherSuite@6618} "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" > 12 = {CipherSuite@6619} "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" > 13 = {CipherSuite@6620} "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" > 14 = {CipherSuite@6621} "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" > 15 = {CipherSuite@6622} "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" > 16 = {CipherSuite@6623} "TLS_RSA_WITH_AES_128_CBC_SHA256" > 17 = {CipherSuite@6624} "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256" > 18 = {CipherSuite@6625} "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" > 19 = {CipherSuite@6626} "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" > 20 = {CipherSuite@6627} "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" > 21 = {CipherSuite@6628} "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" > 22 = {CipherSuite@6629} "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" > 23 = {CipherSuite@6630} "TLS_RSA_WITH_AES_128_CBC_SHA" > 24 = {CipherSuite@6631} "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" > 25 = {CipherSuite@6632} "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA" > 26 = {CipherSuite@6633} "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" > 27 = {CipherSuite@6634} "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" > 28 = {CipherSuite@6635} "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA" > 29 = {CipherSuite@6636} "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA" > 30 = {CipherSuite@6637} "SSL_RSA_WITH_3DES_EDE_CBC_SHA" > 31 = {CipherSuite@6638} "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" > 32 = {CipherSuite@6639} "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA" > 33 = {CipherSuite@6640} "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA" > 34 = {CipherSuite@6641} "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" > 35 = {CipherSuite@6642} "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" -- This message was sent by Atlassian JIRA (v6.4.14#64029)