[jira] [Updated] (AMBARI-2270) Provide way to optionally enable two-way SSL for Server-Agent communication

[Dmitry Sen (JIRA)]

     [ 
https://issues.apache.org/jira/browse/AMBARI-2270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dmitry Sen updated AMBARI-2270:
-------------------------------

    Description: 
The two-way SSL mechanism used during server-agent registration exists to 
protect communication. This is useful in production environments but in typical 
"first use" or POC scenarios, having this level of security is not necessary. 
As well, certificate generation can be problematic causing failures.
We need to provide a way to make this mechanism optional:
1) By default, ship with Server-Agent Two-Way SSL off.
2) At any time post install, a user should be able to turn on Two-Way SSL and 
turn it back off, etc.

  was:
The two-way SSL mechanism used during server-agent registration exists to 
protect communication. This is useful in production environments but in typical 
"first use" or POC scenarios, having this level of security is not necessary. 
As well, certificate generation can be problematic causing failures.
We need to provide a way to make this mechanism optional:
1) By default, ship with Server-Agent Two-Way SSL on.
2) At any time post install, a user should be able to turn off Two-Way SSL and 
turn it back on.

    
> Provide way to optionally enable two-way SSL for Server-Agent communication
> ---------------------------------------------------------------------------
>
>                 Key: AMBARI-2270
>                 URL: https://issues.apache.org/jira/browse/AMBARI-2270
>             Project: Ambari
>          Issue Type: Improvement
>          Components: agent
>    Affects Versions: 1.2.3
>            Reporter: Dmitry Sen
>            Assignee: Dmitry Sen
>            Priority: Critical
>             Fix For: 1.3.0
>
>         Attachments: AMBARI-2270.patch
>
>
> The two-way SSL mechanism used during server-agent registration exists to 
> protect communication. This is useful in production environments but in 
> typical "first use" or POC scenarios, having this level of security is not 
> necessary. As well, certificate generation can be problematic causing 
> failures.
> We need to provide a way to make this mechanism optional:
> 1) By default, ship with Server-Agent Two-Way SSL off.
> 2) At any time post install, a user should be able to turn on Two-Way SSL and 
> turn it back off, etc.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira