From 788c9f8f11cc45d832b642daecb8df8b5e424b74 Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Thu, 3 Oct 2019 12:51:08 +0200
Subject: [PATCH] tls/ja3: don't disable; allowing runtime enabling
---
 suricata.yaml.in | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/suricata.yaml.in b/suricata.yaml.in
index 9e2f91e9be..20e512b1be 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -727,8 +727,9 @@ app-layer:
 detection-ports:
 dp: 443

- # Generate JA3 fingerprint from client hello
- ja3-fingerprints: no
+ # Generate JA3 fingerprint from client hello. If not specified it
+ # will be disabled by default, but enabled if rules require it.
+ #ja3-fingerprints: yes

 # What to do when the encrypted communications start:
 # - default: keep tracking TLS session, check for protocol anomalies,
-- 
2.47.2
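Review bot: The rewritten comment above `#ja3-fingerprints: yes` documents only the unset case, so a reader cannot tell what an explicit `yes` or `no` does. Judging by the commit subject, an explicit `no` still blocks the runtime enabling, which matters for deployments that copied the old default line `ja3-fingerprints: no`: rules that need JA3 would presumably stay inactive there. I would add a line such as `# Set to 'yes' to always generate it, or 'no' to keep it off even when rules need it.` once that behaviour is confirmed against the config loader. The enclosing `tls` section starts and ends outside this hunk.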