kishorekasi commented on a change in pull request #350: Issue 349: Documentation for security feature in 4.5.0 URL: https://github.com/apache/bookkeeper/pull/350#discussion_r130972335
########## File path: site/docs/security/tls.md ########## @@ -0,0 +1,178 @@ +--- +title: Encryption and Authentication using TLS +prev: ../index.html +next: ../sasl +--- + +Apache BookKeeper allows clients and autorecovery daemons to communicate over TLS, although this is not enabled by default. + +## Overview + +The bookies and clients need their own key and certificate in order to use TLS. The key is used for encryption, while the Review comment: TestTLS#testConnectToTLSClusterNonTLSClient - Tests whether a client, not configured to use TLS, can talk to bookie cluster with TLS enabled. I do not have a test to only encrypt but not authenticate. Not sure if it is even possible. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
