diff options
Diffstat (limited to 'security-utils')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java | 3 | ||||
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java b/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java index 4f8919cdd5e..221018122bf 100644 --- a/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java +++ b/security-utils/src/main/java/com/yahoo/security/SslContextBuilder.java @@ -2,6 +2,7 @@ package com.yahoo.security; import com.yahoo.security.tls.KeyManagerUtils; +import com.yahoo.security.tls.TlsContext; import com.yahoo.security.tls.TrustManagerUtils; import javax.net.ssl.KeyManager; @@ -122,7 +123,7 @@ public class SslContextBuilder { public SSLContext build() { try { - SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); + SSLContext sslContext = SSLContext.getInstance(TlsContext.SSL_CONTEXT_VERSION); TrustManager[] trustManagers = new TrustManager[] { trustManagerFactory.createTrustManager(trustStoreSupplier.get()) }; X509ExtendedKeyManager keyManager = this.keyManager != null ? this.keyManager diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java index 0c09faf459f..4eea1eb3d72 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java @@ -35,6 +35,7 @@ public interface TlsContext extends AutoCloseable { "TLS_CHACHA20_POLY1305_SHA256"); // TLSv1.3, Java 12 Set<String> ALLOWED_PROTOCOLS = Set.of("TLSv1.2"); // TODO Enable TLSv1.3 + String SSL_CONTEXT_VERSION = "TLSv1.2"; // TODO Enable TLSv1.3 /** * @return the allowed cipher suites supported by the provided context instance |