[
https://issues.apache.org/jira/browse/CASSANDRA-8751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15394398#comment-15394398
]
sai k potturi commented on CASSANDRA-8751:
------------------------------------------
When will we have this available? We have not been able to enable SSL for our
cluster because of the split-brain scenario mentioned. We are currently on
2.1.12 vesrion.
> C* should always listen to both ssl/non-ssl ports
> -------------------------------------------------
>
> Key: CASSANDRA-8751
> URL: https://issues.apache.org/jira/browse/CASSANDRA-8751
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Minh Do
> Assignee: Minh Do
> Priority: Critical
> Fix For: 3.x
>
>
> Since there is always one thread dedicated on server socket listener and it
> does not use much resource, we should always have these two listeners up no
> matter what users set for internode_encryption.
> The reason behind this is that we need to switch back and forth between
> different internode_encryption modes and we need C* servers to keep running
> in transient state or during mode switching. Currently this is not possible.
> For example, we have a internode_encryption=dc cluster in a multi-region AWS
> environment and want to set internode_encryption=all by rolling restart C*
> nodes. However, the node with internode_encryption=all does not open to
> listen to non-ssl port. As a result, we have a splitted brain cluster here.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
