From 6e51bde2285f71f3a5f54feb6c4f715391adffb3 Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Tue, 26 Mar 2019 18:15:20 +0530
Subject: [PATCH] client: don't disable TLSv1, TLSv1.1 by default that breaks
 VMware env

This fixes the issue that TLSv1 and TLSv1.1 are still used by CloudStack
management server to communicate with VMware vCenter server. With the
current defaults, the setup/deployment on VMware fails. Users/admins
can however setup the security file according to their env needs to
disable TLSv1 and TLSv1.1 for server sockets (8250/agent service for
example).

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 client/conf/java.security.ciphers.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/conf/java.security.ciphers.in b/client/conf/java.security.ciphers.in
index 6e7620e69c3..036488f506b 100644
--- a/client/conf/java.security.ciphers.in
+++ b/client/conf/java.security.ciphers.in
@@ -15,4 +15,4 @@
 # specific language governing permissions and limitations
 # under the License.
 
-jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1, TLSv1.1, DH keySize < 128, RSA keySize < 128, DES keySize < 128, SHA1 keySize < 128, MD5 keySize < 128, RC4
+jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, DH keySize < 128, RSA keySize < 128, DES keySize < 128, SHA1 keySize < 128, MD5 keySize < 128, RC4