Skip to content

Commit

Permalink
remove CBC ciphers deemed unsafe
Browse files Browse the repository at this point in the history
  • Loading branch information
@jsvd
jsvd committed Dec 4, 2019
1 parent eaf8a51 commit e2217fd
Showing 1 changed file with 2 additions and 6 deletions.
8 changes: 2 additions & 6 deletions src/main/java/org/logstash/plugins/inputs/http/util/SslSimpleBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,14 +29,10 @@ public class SslSimpleBuilder implements SslBuilder {
This list require the OpenSSl engine for netty.
*/
public final static String[] DEFAULT_CIPHERS = new String[] {
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
};

private String[] ciphers = DEFAULT_CIPHERS;
Expand Down

0 comments on commit e2217fd

Please sign in to comment.