Skip to content

[FLINK-39022][security] Set security.ssl.algorithms default value to modern cipher suite #27514

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
balassai wants to merge 3 commits into
base: master
Choose a base branch
from
Open

[FLINK-39022][security] Set security.ssl.algorithms default value to modern cipher suite #27514

balassai wants to merge 3 commits into from
+30 −3

Conversation

@balassai
Copy link
Contributor

@balassai balassai commented Feb 3, 2026
edited
Loading

What is the purpose of the change

The JDK update JDK-8245545 (JDK 11.0.30+, 17.0.18+, 21.0.10+, and 24+) disabled all TLS_RSA_* cipher suites by adding them to the jdk.tls.disabledAlgorithms security property. This action discontinues support for "Static RSA" key exchange in JDK. This affects TLS_RSA_WITH_AES_128_CBC_SHA, which is the current default for Flink.

Flink deployments operating on these specific JDK versions (or newer) will experience connection failures if the configuration relies on legacy RSA cipher suites (e.g., TLS_RSA_WITH_AES_128_CBC_SHA). This typically manifests as a javax.net.ssl.SSLHandshakeException during the handshake process.

To mitigate this, users should transition to cipher suites that support forward-secrecy (RFC 9325) and comply with the IETF Draft, Deprecating Obsolete Key Exchange Methods in TLS.

This change intends to help the cipher suite transition by updating the default value of the Flink security.ssl.algorithms configuration from the current obsolete TLS_RSA_WITH_AES_128_CBC_SHA to the modern defaults: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.

Justification: While both TLS_ECDHE_ECDSA_* and TLS_ECDHE_RSA_* variants were evaluated, TLS_ECDHE_RSA_* was selected. This choice prioritizes backward compatibility while maintaining full compliance with Java 11 (Flink's minimum supported version).

Migration: No user action is required to adopt this change; the migration occurs automatically upon upgrade if security.ssl.algorithm is not set explicitly in the Flink configuration.

Edge Cases:

  • Users who have explicitly overridden security.ssl.algorithms in flink-conf.yaml to a list containing only RSA ciphers will experience handshake failures until they update their config.
  • if Flink is sitting behind a load balancer or proxy that only supports TLS_RSA ciphers, connections will fail.
  • Extremely old custom clients (e.g., Java 6 era) that do not support Elliptic Curve cryptography might be unable to connect.

Brief change log

  • This change updates the security.ssl.algorithms configuration default value to TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.

Verifying this change

  • A default value check has been introduced in SecurityOptionsTest.

Does this pull request potentially affect one of the following parts:

  • Dependencies (does it add or upgrade a dependency): no
  • The public API, i.e., is any changed class annotated with @Public(Evolving): yes, the default value of security.ssl.algorithm will change.
  • The serializers: no
  • The runtime per-record code paths (performance sensitive): no
  • Anything that affects deployment or recovery: JobManager (and its components), Checkpointing, Kubernetes/Yarn, ZooKeeper:no
  • The S3 file system connector: no

Documentation

  • Does this pull request introduce a new feature? yes
  • If yes, how is the feature documented? documentation, release note

@flinkbot
Copy link
Collaborator

flinkbot commented Feb 3, 2026
edited
Loading

CI report:

Bot commands The @flinkbot bot supports the following commands:
  • @flinkbot run azure re-run the last Azure build

@gaborgsomogyi
Copy link
Contributor

gaborgsomogyi commented Feb 3, 2026

Thanks for the contribution. Without too deep consideration I miss 2 things:

  • Doc update
  • Release note which explains the change to users

Maybe there are other implications but we must be extra careful because we touch quite a sensitive part of Flink.

@gaborgsomogyi
Copy link
Contributor

gaborgsomogyi commented Feb 3, 2026

Since this change is on critical path we need a better explanation as description:

  • What is the exact change becase of the JDK changes
  • How that manifests in existing workloads
  • Mitigations if there are any
  • Changes made here (I think this covered)
  • Justification (why these)
  • Migration paths with edge cases (what will work and what won't)

I understand this is a lot but I'm 100% sure that this change is going to generate huge interest/impact.

@gaborgsomogyi gaborgsomogyi changed the title [FLINK-39022][core] Set security.ssl.algorithms default value to modern cipher suite [FLINK-39022][security] Set security.ssl.algorithms default value to modern cipher suite Feb 3, 2026
@balassai
Copy link
Contributor Author

balassai commented Feb 3, 2026

Thanks for the contribution. Without too deep consideration I miss 2 things:

  • Doc update
  • Release note which explains the change to users

Maybe there are other implications but we must be extra careful because we touch quite a sensitive part of Flink.

Thank you for the input, I've modified the description.
Regarding Doc update / release note I'm not familiar with the location / process. What is the procedure and where are those located?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@balassai @flinkbot @gaborgsomogyi