Allow configuring excluded ciphers and SSL protocols

[Grigoriy Roghkov (groghkov)]

Protocol and ciphers come from JDK. JDK can add new protocols/ciphers at any time.
If we use only inclusion lists we block support of new protocols/ciphers because they will not be in inclusion list and application will ignore theirs.
We need to use exclusion lists so that we don’t block out future support.

[Deleted user (ghost)]

It looks like Grigoriy Roghkov (@groghkov) hasn't signed our Contributor License Agreement, yet.

The purpose of a CLA is to ensure that the guardian of a project's outputs has the necessary ownership or grants of rights over all contributions to allow them to distribute under the chosen licence.
Wikipedia

You can read and sign our full Contributor License Agreement here.

Once you've signed reply with [clabot:check] to prove it.

Appreciation of efforts,

clabot

[Confluent Jenkins Bot (ConfluentJenkins)]

Can one of the admins verify this patch?

[Ewen Cheslack-Postava (ewencp)]

ok to test

[Confluent Jenkins Bot (ConfluentJenkins)]

Can one of the admins verify this patch?

[Confluent Jenkins Bot (ConfluentJenkins)]

Test FAILed.

[Ewen Cheslack-Postava (ewencp)]

LGTM, but there's a trivial checkstyle issue. Grigoriy Roghkov (@groghkov) do you also want to retarget to 3.4.x branch, which will get this in a release sooner?