ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Velmurugan Periasamy <vperias...@hortonworks.com>
Subject Re: Review Request 58915: RANGER-1500 : Add support to exclude/disable SSL protocols
Date Wed, 03 May 2017 20:44:16 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58915/#review173816
-----------------------------------------------------------




security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
Lines 290 (patched)
<https://reviews.apache.org/r/58915/#comment246857>

    This will affect upgrades. We should leave the decision to the user to override this property
from the default value (and default value should be supporting all protocols from previous
version)


- Velmurugan Periasamy


On May 2, 2017, 12:56 p.m., bhavik patel wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58915/
> -----------------------------------------------------------
> 
> (Updated May 2, 2017, 12:56 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj,
Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1500
>     https://issues.apache.org/jira/browse/RANGER-1500
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Add support to disable/exclude weaker SSL protocols like TLSv1, TLSv1.1 for ranger.
> 
> 
> Diffs
> -----
> 
>   embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java
aef59bd 
>   security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml fb6d844 
>   security-admin/src/main/resources/conf.dist/ranger-admin-site.xml a4c36e0 
> 
> 
> Diff: https://reviews.apache.org/r/58915/diff/2/
> 
> 
> Testing
> -------
> 
> 1. Verifeid Ranger Admin & Ranger KMS on SSL enabled environment with excluding different
protocols.
> 
> 
> Thanks,
> 
> bhavik patel
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message