HTTPS Excluded Ciphers

Lists the ciphers excluded by default.

By default, the following weak TLS/SSL ciphers are excluded from MapR's HTTPS implementation:

  • SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
  • SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
  • SSL_RSA_EXPORT_WITH_RC4_40_MD5

You can modify this list of excluded ciphers by editing the hadoop.ssl.exclude.cipher.suites property in the core-site.xml file. Restart the web servers that use the HTTPS protocol after changing the list of excluded ciphers. The following web servers use HTTPS:

  • MCS
  • JobTracker
  • TaskTracker
  • NodeManager
  • ResourceManager
  • HistoryServer
  • CLDB
  • HBase