[ https://issues.apache.org/jira/browse/FLINK-9312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16474814#comment-16474814 ]

ASF GitHub Bot commented on FLINK-9312:
---------------------------------------

Github user EronWright commented on the issue:

    https://github.com/apache/flink/pull/5966
  
    To be honest I don't see a great need to support anything other than a single trusted certificate for internal communication. We could easily build some conveniences around that, like generating a certificate upon cluster startup with a truststore containing only that certificate. I see no need to perform hostname verification because the truststore is constrained.

    One drawback is that the queryable state interface is practically inaccessible because the cluster certificate is likely unknown to the client.

    Regarding external connectivity, I don't think that mutual SSL is universally applicable, and I explore some options in FLIP-26.
    



> Perform mutual authentication during SSL handshakes
> ---------------------------------------------------
>
>                 Key: FLINK-9312
>                 URL: https://issues.apache.org/jira/browse/FLINK-9312
>             Project: Flink
>          Issue Type: New Feature
>          Components: Security
>            Reporter: Stephan Ewen
>            Priority: Major
>             Fix For: 1.6.0
>
>
> Currently, the Flink processes encrypted connections via SSL:
>   - Data exchange TM - TM
>   - RPC JM - TM
>   - Blob Service JM - TM
> However, the server side always accepts any client to build up the 
> connection, meaning the connections are not strongly authenticated.
> Activating SSL mutual authentication solves that - only processes that have 
> the same certificate can connect.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
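
The reasoning in the comment above, that a truststore holding a single certificate makes hostname verification unnecessary, shown as an added example; it is not part of the original message or of Flink's code. It is written in Go rather than Flink's Java so the certificates can be generated in-process, and every name, hostname and helper (`issue`, `accepts`) is constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue returns a constructed certificate for name, signed by parent/parentKey,
// or a self-signed one when parent is nil. All names here are made up.
func issue(name string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: name}, DNSNames: []string{name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA: parent == nil, BasicConstraintsValid: true}
	if parent == nil {
		parent, parentKey = t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, pub, parentKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// accepts reports whether peer chains to the truststore; hostname "" skips the name check.
func accepts(peer *x509.Certificate, hostname string, truststore ...*x509.Certificate) bool {
	pool := x509.NewCertPool()
	for _, c := range truststore {
		pool.AddCert(c)
	}
	_, err := peer.Verify(x509.VerifyOptions{Roots: pool, DNSName: hostname,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err == nil
}

func main() {
	ca, caKey := issue("internal-ca", nil, nil)
	other, _ := issue("other.example.internal", ca, caKey)
	cluster, _ := issue("flink-cluster", nil, nil)
	foreign, _ := issue("flink-cluster", nil, nil) // same name, different key
	fmt.Println("CA truststore, no name check:", accepts(other, "", ca))                // true
	fmt.Println("CA truststore, name check:", accepts(other, "tm1.flink.internal", ca)) // false
	fmt.Println("single-cert truststore, cluster:", accepts(cluster, "", cluster))      // true
	fmt.Println("single-cert truststore, foreign:", accepts(foreign, "", cluster))      // false
}
```

With a CA in the truststore, only the name check separates one issued certificate from another; with the single-certificate truststore, a peer is accepted only if it holds that exact certificate, whatever name it carries.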
