diff options
author | Andreas Eriksen <andreer@yahooinc.com> | 2023-01-06 17:16:35 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-01-06 17:16:35 +0100 |
commit | 4bb0999694a314b8daebe179db39c1fe48cca21d (patch) | |
tree | b5e59f7141c7b38c9cce3dfb4662859c546ca8d7 /http-utils/src/main/java/ai/vespa/util/http/hc4/VespaHttpClientBuilder.java | |
parent | 58889b4e6d3f220c1c52907f37a57fc5c4e53060 (diff) |
Revert "Ensure that HTTPS clients only use allowed ciphers and protocol versions" (#25436)
Diffstat (limited to 'http-utils/src/main/java/ai/vespa/util/http/hc4/VespaHttpClientBuilder.java')
-rw-r--r-- | http-utils/src/main/java/ai/vespa/util/http/hc4/VespaHttpClientBuilder.java | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/http-utils/src/main/java/ai/vespa/util/http/hc4/VespaHttpClientBuilder.java b/http-utils/src/main/java/ai/vespa/util/http/hc4/VespaHttpClientBuilder.java index af01b123a27..953abcb04bc 100644 --- a/http-utils/src/main/java/ai/vespa/util/http/hc4/VespaHttpClientBuilder.java +++ b/http-utils/src/main/java/ai/vespa/util/http/hc4/VespaHttpClientBuilder.java @@ -29,8 +29,6 @@ import java.net.InetAddress; import java.util.logging.Level; import java.util.logging.Logger; -import static ai.vespa.util.http.hc4.SslConnectionSocketFactory.noopVerifier; - /** * Http client builder for internal Vespa communications over http/https. * @@ -103,8 +101,9 @@ public class VespaHttpClientBuilder { } } - private static SSLConnectionSocketFactory createSslSocketFactory(TlsContext ctx) { - return SslConnectionSocketFactory.of(ctx, noopVerifier()); + private static SSLConnectionSocketFactory createSslSocketFactory(TlsContext tlsContext) { + SSLParameters parameters = tlsContext.parameters(); + return new SSLConnectionSocketFactory(tlsContext.context(), parameters.getProtocols(), parameters.getCipherSuites(), new NoopHostnameVerifier()); } private static Registry<ConnectionSocketFactory> createRegistry(SSLConnectionSocketFactory sslSocketFactory) { |