[jira] [Assigned] (CASSANDRA-7528) certificate not validated for internode SSL encryption.

Michael Shuler (JIRA) Wed, 09 Jul 2014 18:52:16 -0700

     [ 
https://issues.apache.org/jira/browse/CASSANDRA-7528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Michael Shuler reassigned CASSANDRA-7528:
-----------------------------------------

    Assignee: Michael Shuler

> certificate not validated for internode SSL encryption.
> -------------------------------------------------------
>
>                 Key: CASSANDRA-7528
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-7528
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Core
>         Environment: Amazon Linux on various AWS EC2 instance types.
>            Reporter: Joseph Clark
>            Assignee: Michael Shuler
>
> An expired certificate may be used to encrypt internode communication.
> To reproduce, set the server_encryption_options to enable internode 
> encryption. Add the private key to the specified .keystore, and an expired 
> certificate generated using the private key to the specified truststore. The 
> same keys are used far all cassandra nodes in the cluster. 
> When cassandra is started, it is able to communicate with other cassandra 
> nodes even though the certificate is expired.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Assigned] (CASSANDRA-7528) certificate not validated for internode SSL encryption.

Reply via email to