[
https://issues.apache.org/jira/browse/CASSANDRA-17513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17525974#comment-17525974
]
Maulin Vasavada edited comment on CASSANDRA-17513 at 4/21/22 6:50 PM:
----------------------------------------------------------------------
{code:java}
I am open to considering implementing this idea if we don't force operators to
explicitly a single store file i.e. maintain backward compatibility with what
we have. However, it feels like this should be out of scope here and we can
create a separate ticket to address it across both native and internode
configurations {code}
On the above quote, if I understand you correctly- you are suggesting that
somebody can work on a separate ticket to support having client/server keys in
the same keystore (in case anybody needs it)?
If my understanding is correct- then yes I agree that it should be a separate
concern out of the scope of this ticket.
was (Author: maulin.vasavada):
{code:java}
I am open to considering implementing this idea if we don't force operators to
explicitly a single store file i.e. maintain backward compatibility with what
we have. However, it feels like this should be out of scope here and we can
create a separate ticket to address it across both native and internode
configurations {code}
On the above quote, if I understand you correctly- you are suggesting that
somebody can work on a separate ticket to support having client/server keys in
the same keystore (in case anybody needs it)?
If my understand is correct- then yes I agree that it should be a separate
concern out of the scope of this ticket.
> Adding support for TLS client authentication for internode communication
> ------------------------------------------------------------------------
>
> Key: CASSANDRA-17513
> URL: https://issues.apache.org/jira/browse/CASSANDRA-17513
> Project: Cassandra
> Issue Type: Bug
> Reporter: Jyothsna Konisa
> Assignee: Jyothsna Konisa
> Priority: Normal
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Same keystore is being set for both Inbound and outbound connections but we
> should use a keystore with server certificate for Inbound connections and a
> keystore with client certificates for outbound connections. So we should add
> a new property in Cassandra.yaml to pass outbound keystore and use it in
> SSLContextFactory for creating outbound SSL context.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
