diff options
Diffstat (limited to 'security-utils/src/main/java/com')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java | 2 | ||||
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java b/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java index 08ebba1670d..4f8919cdd5e 100644 --- a/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java +++ b/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java @@ -122,7 +122,7 @@ public class SslContextBuilder { public SSLContext build() { try { - SSLContext sslContext = SSLContext.getInstance("TLS"); + SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); TrustManager[] trustManagers = new TrustManager[] { trustManagerFactory.createTrustManager(trustStoreSupplier.get()) }; X509ExtendedKeyManager keyManager = this.keyManager != null ? this.keyManager diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java index e878ac33467..ea26be0ef4f 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java @@ -24,7 +24,7 @@ public interface TlsContext extends AutoCloseable { "TLS_AES_256_GCM_SHA384", // TLSv1.3 "TLS_CHACHA20_POLY1305_SHA256"); // TLSv1.3 - Set<String> ALLOWED_PROTOCOLS = Set.of("TLSv1.2", "TLSv1.3"); + Set<String> ALLOWED_PROTOCOLS = Set.of("TLSv1.2"); // TODO Enable TLSv1.3 SSLContext context(); |