diff options
Diffstat (limited to 'athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java')
-rw-r--r-- | athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java index 94df93aaea7..1a7224fdc71 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ConfigserverSslContextFactoryProvider.java @@ -30,7 +30,6 @@ import java.security.PublicKey; import java.security.cert.X509Certificate; import java.time.Duration; import java.time.Instant; -import java.util.Arrays; import java.util.Optional; import java.util.UUID; import java.util.concurrent.Executors; @@ -112,12 +111,6 @@ public class ConfigserverSslContextFactoryProvider extends AbstractComponent imp AthenzProviderServiceConfig.Zones zoneConfig) { SslContextFactory factory = new SslContextFactory(); - // Allow safe TLS_RSA* ciphers - String[] excludedCiphersWithoutTlsRsaExclusion = Arrays.stream(factory.getExcludeCipherSuites()) - .filter(cipher -> !cipher.equals("^TLS_RSA_.*$")) - .toArray(String[]::new); - factory.setExcludeCipherSuites(excludedCiphersWithoutTlsRsaExclusion); - factory.setWantClientAuth(true); KeyStore trustStore = |