[jira] [Reopened] (IMPALA-11922) Add Startup Flag to Select TLS Certificate Verification on JWKS URL

Jason Fehr (Jira) Tue, 30 May 2023 07:27:56 -0700


     [ 
https://issues.apache.org/jira/browse/IMPALA-11922?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jason Fehr reopened IMPALA-11922:
---------------------------------

reopening to set fix version

> Add Startup Flag to Select TLS Certificate Verification on JWKS URL
> -------------------------------------------------------------------
>
>                 Key: IMPALA-11922
>                 URL: https://issues.apache.org/jira/browse/IMPALA-11922
>             Project: IMPALA
>          Issue Type: New Feature
>          Components: Backend, Security
>            Reporter: Jason Fehr
>            Assignee: Jason Fehr
>            Priority: Major
>
> When JWT authentication is configured and the "jwks_url" startup flag is 
> specified, Impala is not verifying the JWKS server's TLS certificate.
> [https://github.com/apache/impala/blob/e17fd9a0d5428306dfa41a041a44c800824d72f6/be/src/util/jwt-util.cc#L557]
> Add a new startup flag that enables the user to select whether or not they 
> wish to verify the JWKS server's TLS certificate.  Default this option to 
> verifying the certificate.  *This is a breaking change as current behavior 
> skips TLS certificate verifications.*



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Reopened] (IMPALA-11922) Add Startup Flag to Select TLS Certificate Verification on JWKS URL

Reply via email to