From 77fe540821e042db0b6bd604c7ed1e25b0495acc Mon Sep 17 00:00:00 2001
From: Andriy Redko <andriy.redko@aiven.io>
Date: Tue, 18 Oct 2022 12:23:19 -0400
Subject: [PATCH] Removing cipher suites which do not provide adequate security
 for HTTP/2

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
---
 .../org/opensearch/security/ssl/util/SSLConfigConstants.java   | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/main/java/org/opensearch/security/ssl/util/SSLConfigConstants.java b/src/main/java/org/opensearch/security/ssl/util/SSLConfigConstants.java
index 57a1df8ba4..287152d9dc 100644
--- a/src/main/java/org/opensearch/security/ssl/util/SSLConfigConstants.java
+++ b/src/main/java/org/opensearch/security/ssl/util/SSLConfigConstants.java
@@ -180,13 +180,10 @@ public static final String[] getSecureSSLProtocols(Settings settings, boolean ht
         "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
         "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
         "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
         "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
         "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
         "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
         "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
         "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",