diff options
author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-12-19 16:04:48 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2023-01-06 11:33:59 +0100 |
commit | 6e162af9a091d2ac1c229281c47349e46d6c8239 (patch) | |
tree | 7acb73d5a41283608bd07d96e3db7b8b56f87eca /security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java | |
parent | 7d839355259eca823da9396c1ed15b43f7c98768 (diff) |
Ensure that HTTPS clients only use allowed ciphers and protocol versions
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java b/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java index d91c47e5eed..9b26b79a960 100644 --- a/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java +++ b/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java @@ -1,6 +1,8 @@ // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.security; +import com.yahoo.security.tls.TlsContext; + import javax.net.ssl.KeyManager; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; @@ -129,7 +131,7 @@ public class SslContextBuilder { public SSLContext build() { try { - SSLContext sslContext = SSLContext.getInstance("TLS"); + SSLContext sslContext = SSLContext.getInstance(TlsContext.SSL_CONTEXT_VERSION); X509ExtendedTrustManager trustManager = this.trustManager != null ? this.trustManager : trustManagerFactory.createTrustManager(trustStoreSupplier.get()); |