diff options
author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-12-19 16:04:48 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2023-01-09 11:14:56 +0100 |
commit | 462fd256f43cfa3ed8b3fcff0729dbf459844172 (patch) | |
tree | 6a20bbe22cc93f0464f1596615d6681bc5104ae1 /node-admin | |
parent | 0796ad7fd3a85d360df2742a408545703d2c2368 (diff) |
Ensure that HTTPS clients only use allowed ciphers and protocol versions
Diffstat (limited to 'node-admin')
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/ConfigServerApiImpl.java | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/ConfigServerApiImpl.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/ConfigServerApiImpl.java index 506ab842cff..61ee612e3de 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/ConfigServerApiImpl.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/configserver/ConfigServerApiImpl.java @@ -1,6 +1,7 @@ // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.node.admin.configserver; +import ai.vespa.util.http.hc4.SslConnectionSocketFactory; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import com.yahoo.config.provision.HostName; @@ -85,7 +86,7 @@ public class ConfigServerApiImpl implements ConfigServerApi { private ConfigServerApiImpl(Collection<URI> configServers, HostnameVerifier verifier, ServiceIdentityProvider identityProvider) { - this(configServers, createClient(new SSLConnectionSocketFactory(new ServiceIdentitySslSocketFactory(identityProvider), verifier))); + this(configServers, createClient(SslConnectionSocketFactory.of(new ServiceIdentitySslSocketFactory(identityProvider), verifier))); } private ConfigServerApiImpl(Collection<URI> configServers, CloseableHttpClient client) { @@ -94,7 +95,7 @@ public class ConfigServerApiImpl implements ConfigServerApi { } public static ConfigServerApiImpl createForTesting(List<URI> configServerHosts) { - return new ConfigServerApiImpl(configServerHosts, createClient(SSLConnectionSocketFactory.getSocketFactory())); + return new ConfigServerApiImpl(configServerHosts, createClient(SslConnectionSocketFactory.of())); } static ConfigServerApiImpl createForTestingWithClient(List<URI> configServerHosts, |