elastic · elasticsearchmachine · Mar 4, 2025 · Mar 4, 2025 · Mar 4, 2025
diff --git a/docs/changelog/123600.yaml b/docs/changelog/123600.yaml
@@ -0,0 +1,17 @@
+pr: 123600
+summary: Drop `TLS_RSA` cipher support for JDK 24
+area: TLS
+type: breaking
+issues: []
+breaking:
+  title: Drop `TLS_RSA` cipher support for JDK 24
+  area: Cluster and node setting
+  details: >-
+    This change removes `TLS_RSA` ciphers from the list of default supported ciphers,
+    for Elasticsearch deployments running on JDK 24.
+  impact: >-
+    The dropped ciphers are `TLS_RSA_WITH_AES_256_GCM_SHA384`, `TLS_RSA_WITH_AES_128_GCM_SHA256`,
+    `TLS_RSA_WITH_AES_256_CBC_SHA256`, `TLS_RSA_WITH_AES_128_CBC_SHA256`, `TLS_RSA_WITH_AES_256_CBC_SHA`,
+    and `TLS_RSA_WITH_AES_128_CBC_SHA`. TLS connections to Elasticsearch using these ciphers will no longer work.
+    Please configure your clients to use one of supported cipher suites.
+  notable: false
diff --git a/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java b/libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/SslConfigurationLoader.java
@@ -62,7 +62,7 @@ public abstract class SslConfigurationLoader {
 
     static final List<String> DEFAULT_PROTOCOLS = List.of("TLSv1.3", "TLSv1.2");
 
-    private static final List<String> JDK12_CIPHERS = List.of(
+    private static final List<String> PRE_JDK24_CIPHERS = List.of(
         // TLSv1.3 cipher has PFS, AEAD, hardware support
         "TLS_AES_256_GCM_SHA384",
         "TLS_AES_128_GCM_SHA256",
@@ -111,7 +111,44 @@ public abstract class SslConfigurationLoader {
         "TLS_RSA_WITH_AES_128_CBC_SHA"
     );
 
-    static final List<String> DEFAULT_CIPHERS = JDK12_CIPHERS;
+    private static final List<String> JDK24_CIPHERS = List.of(
+        // TLSv1.3 cipher has PFS, AEAD, hardware support
+        "TLS_AES_256_GCM_SHA384",
+        "TLS_AES_128_GCM_SHA256",
+
+        // TLSv1.3 cipher has PFS, AEAD
+        "TLS_CHACHA20_POLY1305_SHA256",
+
+        // PFS, AEAD, hardware support
+        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+
+        // PFS, AEAD, hardware support
+        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+
+        // PFS, AEAD
+        "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+        "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
+
+        // PFS, hardware support
+        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+
+        // PFS, hardware support
+        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+
+        // PFS, hardware support
+        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+
+        // PFS, hardware support
+        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+    );
+
+    static final List<String> DEFAULT_CIPHERS = Runtime.version().feature() < 24 ? PRE_JDK24_CIPHERS : JDK24_CIPHERS;
     private static final char[] EMPTY_PASSWORD = new char[0];
     public static final List<X509Field> GLOBAL_DEFAULT_RESTRICTED_TRUST_FIELDS = List.of(X509Field.SAN_OTHERNAME_COMMONNAME);
 

diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/XPackSettings.java
@@ -212,7 +212,7 @@ public Iterator<Setting<?>> settings() {
         Property.NodeScope
     );
 
-    private static final List<String> JDK12_CIPHERS = List.of(
+    private static final List<String> PRE_JDK24_CIPHERS = List.of(
         "TLS_AES_256_GCM_SHA384",
         "TLS_AES_128_GCM_SHA256", // TLSv1.3 cipher has PFS, AEAD, hardware support
         "TLS_CHACHA20_POLY1305_SHA256", // TLSv1.3 cipher has PFS, AEAD
@@ -238,7 +238,27 @@ public Iterator<Setting<?>> settings() {
         "TLS_RSA_WITH_AES_128_CBC_SHA"
     ); // hardware support
 
-    public static final List<String> DEFAULT_CIPHERS = JDK12_CIPHERS;
+    private static final List<String> JDK24_CIPHERS = List.of(
+        "TLS_AES_256_GCM_SHA384",
+        "TLS_AES_128_GCM_SHA256", // TLSv1.3 cipher has PFS, AEAD, hardware support
+        "TLS_CHACHA20_POLY1305_SHA256", // TLSv1.3 cipher has PFS, AEAD
+        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", // PFS, AEAD, hardware support
+        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", // PFS, AEAD, hardware support
+        "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+        "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", // PFS, AEAD
+        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", // PFS, hardware support
+        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", // PFS, hardware support
+        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", // PFS, hardware support
+        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" // PFS, hardware support
+    ); // hardware support
+
+    public static final List<String> DEFAULT_CIPHERS = Runtime.version().feature() < 24 ? PRE_JDK24_CIPHERS : JDK24_CIPHERS;
 
     public static final Setting<String> PASSWORD_HASHING_ALGORITHM = defaultStoredPasswordHashAlgorithmSetting(
         "xpack.security.authc.password_hashing.algorithm",

diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/XPackSettingsTests.java
@@ -30,8 +30,22 @@
 public class XPackSettingsTests extends ESTestCase {
 
     public void testDefaultSSLCiphers() {
-        assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_RSA_WITH_AES_128_CBC_SHA"));
-        assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_RSA_WITH_AES_256_CBC_SHA"));
+        assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_AES_256_GCM_SHA384"));
+        assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_AES_128_GCM_SHA256"));
+        assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"));
+        assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"));
+
+        if (Runtime.version().feature() < 24) {
+            assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_RSA_WITH_AES_256_CBC_SHA256"));
+            assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_RSA_WITH_AES_128_CBC_SHA256"));
+            assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_RSA_WITH_AES_256_CBC_SHA"));
+            assertThat(XPackSettings.DEFAULT_CIPHERS, hasItem("TLS_RSA_WITH_AES_128_CBC_SHA"));
+        } else {
+            assertThat(XPackSettings.DEFAULT_CIPHERS, not(hasItem("TLS_RSA_WITH_AES_256_CBC_SHA256")));
+            assertThat(XPackSettings.DEFAULT_CIPHERS, not(hasItem("TLS_RSA_WITH_AES_128_CBC_SHA256")));
+            assertThat(XPackSettings.DEFAULT_CIPHERS, not(hasItem("TLS_RSA_WITH_AES_256_CBC_SHA")));
+            assertThat(XPackSettings.DEFAULT_CIPHERS, not(hasItem("TLS_RSA_WITH_AES_128_CBC_SHA")));
+        }
     }
 
     public void testChaCha20InCiphersOnJdk12Plus() {

diff --git a/...in/core/src/test/java/org/elasticsearch/xpack/core/ssl/SSLConfigurationSettingsTests.java b/...in/core/src/test/java/org/elasticsearch/xpack/core/ssl/SSLConfigurationSettingsTests.java
@@ -35,15 +35,15 @@ public void testParseCipherSettingsWithoutPrefix() {
         final Settings settings = Settings.builder()
             .put("cipher_suites.0", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256")
             .put("cipher_suites.1", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256")
-            .put("cipher_suites.2", "TLS_RSA_WITH_AES_128_CBC_SHA256")
+            .put("cipher_suites.2", Runtime.version().feature() < 24 ? "TLS_RSA_WITH_AES_128_CBC_SHA256" : "TLS_AES_256_GCM_SHA384")
             .build();
         assertThat(
             ssl.ciphers.get(settings),
             is(
                 Arrays.asList(
                     "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                     "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-                    "TLS_RSA_WITH_AES_128_CBC_SHA256"
+                    Runtime.version().feature() < 24 ? "TLS_RSA_WITH_AES_128_CBC_SHA256" : "TLS_AES_256_GCM_SHA384"
                 )
             )
         );

diff --git a/...a/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptorTests.java b/...a/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptorTests.java
@@ -1130,7 +1130,7 @@ public void testProfileFiltersCreatedDifferentlyForDifferentTransportAndRemoteCl
                 mock(SslKeyConfig.class),
                 randomFrom(SslVerificationMode.values()),
                 SslClientAuthenticationMode.NONE,
-                List.of("TLS_RSA_WITH_AES_256_GCM_SHA384"),
+                List.of(Runtime.version().feature() < 24 ? "TLS_RSA_WITH_AES_256_GCM_SHA384" : "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
                 List.of("TLSv1.2")
             )
         );