1 files changed, 0 insertions, 7 deletions

diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java
index 94df93aaea7..1a7224fdc71 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java
@@ -30,7 +30,6 @@ import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.time.Duration;
 import java.time.Instant;
-import java.util.Arrays;
 import java.util.Optional;
 import java.util.UUID;
 import java.util.concurrent.Executors;
@@ -112,12 +111,6 @@ public class ConfigserverSslContextFactoryProvider extends AbstractComponent imp
                                                                  AthenzProviderServiceConfig.Zones zoneConfig) {
         SslContextFactory factory = new SslContextFactory();
 
-        // Allow safe TLS_RSA* ciphers
-        String[] excludedCiphersWithoutTlsRsaExclusion = Arrays.stream(factory.getExcludeCipherSuites())
-                .filter(cipher -> !cipher.equals("^TLS_RSA_.*$"))
-                .toArray(String[]::new);
-        factory.setExcludeCipherSuites(excludedCiphersWithoutTlsRsaExclusion);
-
         factory.setWantClientAuth(true);
 
         KeyStore trustStore =