[ https://issues.apache.org/jira/browse/CASSANDRA-8751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15394398#comment-15394398 ]
sai k potturi commented on CASSANDRA-8751: ------------------------------------------ When will we have this available? We have not been able to enable SSL for our cluster because of the split-brain scenario mentioned. We are currently on 2.1.12 vesrion. > C* should always listen to both ssl/non-ssl ports > ------------------------------------------------- > > Key: CASSANDRA-8751 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8751 > Project: Cassandra > Issue Type: Improvement > Reporter: Minh Do > Assignee: Minh Do > Priority: Critical > Fix For: 3.x > > > Since there is always one thread dedicated on server socket listener and it > does not use much resource, we should always have these two listeners up no > matter what users set for internode_encryption. > The reason behind this is that we need to switch back and forth between > different internode_encryption modes and we need C* servers to keep running > in transient state or during mode switching. Currently this is not possible. > For example, we have a internode_encryption=dc cluster in a multi-region AWS > environment and want to set internode_encryption=all by rolling restart C* > nodes. However, the node with internode_encryption=all does not open to > listen to non-ssl port. As a result, we have a splitted brain cluster here. -- This message was sent by Atlassian JIRA (v6.3.4#6332)